RSA Access Manager Server Session Replay Security Bypass Vulnerability

http://www.securityfocus.com/bid/54301

Security Info

Bugtraq ID: 54301
Class: Design Error
CVE: CVE-2012-2281
Remote: Yes
Local: No
Published: Jul 04 2012 12:00AM
Updated: Jul 04 2012 12:00AM
Credit: The vendor reported this issue.
Vulnerable:
Not Vulnerable:

Security Discussion

RSA Access Manager Server is prone to a security-bypass vulnerability.

Successful exploits may allow attackers to hijack web sessions or bypass authentication through a replay attack and gain access to a victim's email account.

Proof of Concept and Security Exploits

An attacker can carry out this attack using readily available network utilities.

Security Solution(s)

Solution:
Vendor updates are available. Please see the references for more information.

Security Reference(s)

References:

Site Updated May 24, 2013
©2000-2013 Emagined Security
All Rights Reserved