GCVE - cpe:2.3:a:rsa:authentication_agent_for_web:*:*:*:*:*:iis:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:rsa:authentication_agent_for_web:*:*:*:*:*:iis:*:*

part: a version: * update: *

Vendor	Rsa (`6c9430aa-ac8c-5ac3-900a-ccfffd5a25d5`)
Product	Authentication Agent For Web (`ed94c843-5f76-5145-ba9a-463f2b28f637`)
Edition	*
Language	*
Software edition	*
Target software	iis
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2018-1234`	vulnerable	2026-06-03 14:38:30.584428	Details available RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access control list (ACL) permissions on a Windows Named Pipe were not sufficient to prevent access by unauthorized users. The attacker with local access to the system can exploit this vulnerability to read configuration properties for the authentication agent. Published: 2018-03-30T21:00:00.000Z Updated: 2024-09-16T18:44:10.804Z Open on db.gcve.eu Reference links http://seclists.org/fulldisclosure/2018/Mar/60 http://www.securitytracker.com/id/1040577	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-1233`	vulnerable	2026-06-03 14:38:30.582660	Details available RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. The attackers could potentially exploit this vulnerability to execute arbitrary HTML or JavaScript code in the user's browser session in the context of the affected website. Published: 2018-03-30T21:00:00.000Z Updated: 2024-09-16T19:56:31.343Z Open on db.gcve.eu Reference links http://seclists.org/fulldisclosure/2018/Mar/60 http://www.securitytracker.com/id/1040577	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-1232`	vulnerable	2026-06-03 14:38:30.582209	Details available RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit this vulnerability to crash the authentication agent and cause a denial-of-service situation. Published: 2018-03-30T21:00:00.000Z Updated: 2024-09-17T00:25:34.327Z Open on db.gcve.eu Reference links http://seclists.org/fulldisclosure/2018/Mar/60 http://www.securitytracker.com/id/1040577	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.