Back to search
CVE-2018-1234
Published: Mar 30, 2018
Modified: Sep 16, 2024
PUBLISHED
Description
RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access control list (ACL) permissions on a Windows Named Pipe were not sufficient to prevent access by unauthorized users. The attacker with local access to the system can exploit this vulnerability to read configuration properties for the authentication agent.
| Vendor | Product | Versions |
|---|---|---|
Dell EMC | RSA Authentication Agent for Web for IIS | affected version 8.0.1 and earlier |
References
20180326 DSA-2018-040: RSA Authentication Agent for Web for IIS and Apache Web Server Multiple Vulnerabilities
mailing-list
x_refsource_FULLDISC
1040577
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now