CVE-2006-7201

Sažetak

EMC RSA Security SiteKey does not set the secure qualifier on the SiteKey Flash token (aka the PassMark Flash shared object), which might allow remote attackers to obtain the token via HTTP.

Reference

http://www.cr-labs.com/publications/SiteKey-20060718.pdf
http://www.cr-labs.com/publications/WhySiteKey-20060824.pdf

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

05-09-2008 - 21:16

Objavljeno

30-04-2007 - 23:19