CVE-2011-2741

{"id": "CVE-2011-2741", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-12-14T11:55:06.480", "references": [{"url": "http://www.securityfocus.com/archive/1/520850", "source": "security_alert@emc.com"}, {"url": "http://www.securitytracker.com/id?1026420", "source": "security_alert@emc.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly implement Device Recovery and Device Identification, which might allow remote attackers to bypass intended security restrictions on a (1) previously non-registered device or (2) registered device by sending unspecified \"data elements.\""}, {"lang": "es", "value": "EMC RSA Adaptive Authentication On-Premise (AAOP) v6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, y SP3, no aplican correctamente la recuperaci\u00f3n de dispositivos y la identificaci\u00f3n de dispositivos, lo que podr\u00eda permitir a atacantes remotos evitar las restricciones de seguridad en un (1) dispositivo no registrado previamente o (2) dispositivo registrado mediante el env\u00edo no especificado de \"elementos de datos.\""}], "lastModified": "2012-01-24T04:00:47.377", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp1_patch2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F97E490D-12E8-420C-990E-2BB4B97D86D1"}, {"criteria": "cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp1_patch3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E18C647-3264-46A0-8411-4DB02E470217"}, {"criteria": "cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30CE0F82-18A5-4E1F-B096-8A85AF85F4C4"}, {"criteria": "cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp2_patch1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "250D48AB-3B67-402F-AE85-DF8B12E10D32"}, {"criteria": "cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "504CA1D2-9915-4ABF-9D08-C8ED5F86F34A"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}