1 results (0.002 seconds)
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2010-3321
https://notcve.org/view.php?id=CVE-2010-3321
07 Oct 2010 — RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or NON-EXTRACTABLE tag on a secret key object that is stored on a SecurID 800 authenticator, which allows local users to bypass intended access restrictions and read keys via unspecified PKCS#11 API requests. RSA Authentication Client v2.0.x, v3.0 y v3.5.x anterior a v3.5.3 no maneja correctamente la etiqueta SENSITIVE o NON-EXTRACTABLE en un objeto de clave secreta que es almacenado en un autenticador SecurID ... • http://www.securityfocus.com/archive/1/514153/100/0/threaded • CWE-264: Permissions, Privileges, and Access Controls •