CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-6180

EMC RSA Security Analytics (SA) 10.x before 10.3, and RSA NetWitness NextGen 9.8, does not ensure that SA Core requests originate from the SA REST UI, which allows remote attackers to bypass intended access restrictions by sending a Core request from a web browser or other unintended user agent.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.2%

CVSS Severity

CVSS v2 Score 6.8

References

http://archives.neohapsis.com/archives/bugtraq/2013-12/0034.html
http://www.securitytracker.com/id/1029446
http://archives.neohapsis.com/archives/bugtraq/2013-12/0034.html
http://www.securitytracker.com/id/1029446

Products affected by CVE-2013-6180

Emc » Rsa Netwitness Nextgen » Version: 9.8

cpe:2.3:a:emc:rsa_netwitness_nextgen:9.8
Emc » Rsa Security Analytics » Version: 10.0

cpe:2.3:a:emc:rsa_security_analytics:10.0
Emc » Rsa Security Analytics » Version: 10.1

cpe:2.3:a:emc:rsa_security_analytics:10.1
Emc » Rsa Security Analytics » Version: 10.2

cpe:2.3:a:emc:rsa_security_analytics:10.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-6180

Products

Pricing

Contact Us