CVE Daily

CVE-2011-2740

EMC RSA Key Manager (RKM) Appliance 2.7 SP1 before 2.7.1.6, when Firefox 4.x or ...

Critical CVSS 9.3

Overview

EMC RSA Key Manager (RKM) Appliance 2.7 SP1 before 2.7.1.6, when Firefox 4.x or 5.0 is used, does not properly terminate a user session upon a logout action, which makes it easier for remote attackers to execute arbitrary code by leveraging an unattended workstation.

CWE: CWE-264 Published: 2011-11-09T23:55:01.537
Risk analysis

This vulnerability is rated 🔴 CRITICAL.

  • CVSS: 9.3 (CRITICAL)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags