Vulnerability Description
EMC RSA Security SiteKey issues challenge-bypass tokens that persist forever without a cancellation interface for end users, which makes it easier for attackers to bypass one stage of authentication by stealing and replaying a token.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Emc | Rsa Security Sitekey | All versions |
References
- http://www.cr-labs.com/publications/SiteKey-20060718.pdf
- http://www.cr-labs.com/publications/WhySiteKey-20060824.pdf
- http://www.cr-labs.com/publications/SiteKey-20060718.pdf
- http://www.cr-labs.com/publications/WhySiteKey-20060824.pdf
FAQ
What is CVE-2006-7200?
CVE-2006-7200 is a vulnerability with a CVSS score of 9.0 (HIGH). EMC RSA Security SiteKey issues challenge-bypass tokens that persist forever without a cancellation interface for end users, which makes it easier for attackers to bypass one stage of authentication b...
How severe is CVE-2006-7200?
CVE-2006-7200 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-7200?
Check the references section above for vendor advisories and patch information. Affected products include: Emc Rsa Security Sitekey.