CVE-2013-0941

CVE Database · CVE-2013-0941

CVE-2013-0941

· N/AModified

CVSS v3.1

N/A

EPSS

1.26%

Published

May 22, 2013

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.

Weaknesses (CWE)

CWE-310

Affected Products (8)

rsa · authentication_apivulnerable

rsa · securid_web_agentvulnerable

apache · http_server

rsa · securid_web_agentvulnerable

microsoft · internet_information_server

rsa · pluggable_authentication_module_agentvulnerable

rsa · authentication_agentvulnerable

microsoft · windows

References (2)

http://archives.neohapsis.com/archives/bugtraq/2013-05/0064.html

KEV Catalog EPSS Scores Vendors All CVEs