Vulnerability Details CVE-2015-6851
EMC RSA SecurID Web Agent before 8.0 allows physically proximate attackers to bypass the privacy-screen protection mechanism by leveraging an unattended workstation and running DOM Inspector.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.8%
CVSS Severity
CVSS v3 Score 6.7
CVSS v2 Score 7.2
References
- http://packetstormsecurity.com/files/135013/RSA-SecurID-Web-Agent-Authentication-Bypass.html
- http://seclists.org/bugtraq/2015/Dec/115
- http://www.securityfocus.com/bid/79646
- http://www.securitytracker.com/id/1034510
- http://packetstormsecurity.com/files/135013/RSA-SecurID-Web-Agent-Authentication-Bypass.html
- http://seclists.org/bugtraq/2015/Dec/115
- http://www.securityfocus.com/bid/79646
- http://www.securitytracker.com/id/1034510
Products affected by CVE-2015-6851
-
cpe:2.3:a:rsa:securid_web_agent:-
-
cpe:2.3:a:rsa:securid_web_agent:5
-
cpe:2.3:a:rsa:securid_web_agent:5.2
-
cpe:2.3:a:rsa:securid_web_agent:5.3
-
cpe:2.3:a:rsa:securid_web_agent:5.3.4
-
cpe:2.3:a:rsa:securid_web_agent:5.3.5
-
cpe:2.3:a:rsa:securid_web_agent:7.2.1