CVE-2020-5384 — HIGH (8.4) — White Hats Nepal

Vulnerability Description

Authentication Bypass Vulnerability RSA MFA Agent 2.0 for Microsoft Windows contains an Authentication Bypass vulnerability. A local unauthenticated attacker could potentially exploit this vulnerability by using an alternate path to bypass authentication in order to gain full access to the system.

CVSS Score

8.4

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Rsa	Multifactor Authentication Agent	2.0

Related Weaknesses (CWE)

CWE-287 CWE-288

References

https://community.rsa.com/docs/DOC-113541Vendor Advisory
https://community.rsa.com/docs/DOC-113541Vendor Advisory

FAQ

What is CVE-2020-5384?

CVE-2020-5384 is a vulnerability with a CVSS score of 8.4 (HIGH). Authentication Bypass Vulnerability RSA MFA Agent 2.0 for Microsoft Windows contains an Authentication Bypass vulnerability. A local unauthenticated attacker could potentially exploit this vulnerabili...

How severe is CVE-2020-5384?

CVE-2020-5384 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-5384?

Check the references section above for vendor advisories and patch information. Affected products include: Rsa Multifactor Authentication Agent.