Risk | Low |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2017-14377, CVE-2017-14378 |
CWE-ID | CWE-20, CWE-388 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | RSA Authentication Agent (Client/Desktop applications / Other client software); RSA Authentication Agent SDK (Other software / Other software solutions); RSA Authentication Agent API (Other software / Other software solutions) |
Vendor | Dell RSA |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU9436
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-14377
CWE-ID: CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote attacker to bypass authentication on the target system.
The weakness exists in RSA Authentication Agent for Web for Apache Web Server due to an input validation flaw. A remote attacker can supply specially crafted data and gain access to resources ostensibly protected by the target agent.
Mitigation
Install the update from the vendor's website (8.0.1 Build 618).
Vulnerable software versions
RSA Authentication Agent: 8.0 - 8.0.1
https://seclists.org/fulldisclosure/2017/Nov/46
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote unauthenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9443
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-14378
CWE-ID: CWE-388 - Error Handling
Exploit availability: No
Description
The vulnerability allows a remote attacker to bypass authentication on the target system.
The weakness exists in RSA Authentication Agent for Web for Apache Web Server due to improper handling of return codes from the API/SDK. A remote attacker can trigger an error handling flaw and bypass authentication.
Mitigation
Install the update from the vendor's website (API 8.5.1 for C, SDK 8.6.1 for C).
Vulnerable software versions
RSA Authentication Agent SDK: 8.6
RSA Authentication Agent API: 8.5
https://seclists.org/fulldisclosure/2017/Nov/46
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote unauthenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.