What is CVE-2015-6851?

CVE-2015-6851 is a medium-severity vulnerability in Rsa Securid_web_agent, classified under Improper Access Control. CVSS score: 6.7/10. Published 2015-12-23.

How severe is CVE-2015-6851?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Vulnerability in Rsa Securid_web_agent

CVE-2015-6851

EMC RSA SecurID Web Agent before 8.0 allows physically proximate attackers to bypass the privacy-screen protection mechanism by leveraging an unattended workstation and running DOM Inspector.

EPSS: 0.000 (15.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N.

Affected products

Rsa Securid_web_agent
N/a — versions n/a

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

20151221 ESA-2015-177: RSA SecurID Web Agent Authentication Bypass Vulnerability (mailing-list, x_refsource_BUGTRAQ)
1034510 (vdb-entry, x_refsource_SECTRACK)
security_alert@emc.com (x_refsource_MISC)
79646 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2015-6851?: CVE-2015-6851 is a medium-severity vulnerability in Rsa Securid_web_agent, classified under Improper Access Control. CVSS score: 6.7/10. Published 2015-12-23.
How severe is CVE-2015-6851?: Medium severity. CVSS v3 base score is 6.7 out of 10.