← Back to CVEs
CVE-2013-0941
N/ADescription
EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.
CVE Details
CVSS v3.1 ScoreN/A
Published5/22/2013
Last Modified4/29/2026
Sourcenvd
Honeypot Sightings0
Affected Products
apache:http_servermicrosoft:internet_information_servermicrosoft:windowsrsa:authentication_agentrsa:authentication_apirsa:pluggable_authentication_module_agentrsa:securid_web_agent
Weaknesses (CWE)
CWE-310
References
http://archives.neohapsis.com/archives/bugtraq/2013-05/0064.html(security_alert@emc.com)
http://archives.neohapsis.com/archives/bugtraq/2013-05/0064.html(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.