What is CVE-2013-0941?

CVE-2013-0941 is a vulnerability in Apache Http_server, classified under Cryptographic Issues. Published 2013-05-22.

Is CVE-2013-0941 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apache Http_server

CVE-2013-0941

EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorith…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.000 (12.0th percentile) — read the EPSS interpretation.

Affected products

Apache Http_server
Microsoft Internet_information_server
Microsoft Windows
Rsa Authentication_agent
Rsa Authentication_api
Rsa Pluggable_authentication_module_agent
Rsa Securid_web_agent
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

Public proof-of-concept exploits

MilesF25/Shodan
dusbot/cpe2cve
mimishak-um/Vulnerability-Scanner
royans/aprober
xonoxitron/cpe2cve

References

20130516 ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability (mailing-list, x_refsource_BUGTRAQ)

Frequently asked questions

What is CVE-2013-0941?: CVE-2013-0941 is a vulnerability in Apache Http_server, classified under Cryptographic Issues. Published 2013-05-22.
Is CVE-2013-0941 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.