CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-3321

RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or NON-EXTRACTABLE tag on a secret key object that is stored on a SecurID 800 authenticator, which allows local users to bypass intended access restrictions and read keys via unspecified PKCS#11 API requests.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.7%

CVSS Severity

CVSS v2 Score 1.5

References

http://www.securityfocus.com/archive/1/514153/100/0/threaded
http://www.securityfocus.com/bid/43795
http://www.securityfocus.com/archive/1/514153/100/0/threaded
http://www.securityfocus.com/bid/43795

Products affected by CVE-2010-3321

Rsa » Authentication Client » Version: 2.0

cpe:2.3:a:rsa:authentication_client:2.0
Rsa » Authentication Client » Version: 3.0

cpe:2.3:a:rsa:authentication_client:3.0
Rsa » Authentication Client » Version: 3.5.1

cpe:2.3:a:rsa:authentication_client:3.5.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-3321

Products

Pricing

Contact Us