Computer Security
[EN] no-pyccku

RSA NetWitness / RSA Security Analytics authentication bypass
SecurityVulns ID:13775
Threat Level:
Description:Under some conditions, login with empty password is allowed.
Affected:EMC : RSA NetWitness 9.8
 EMC : RSA Security Analytics 10.3
CVE:CVE-2014-0643 (EMC RSA NetWitness before and RSA Security Analytics before 10.2.4 and 10.3.x before 10.3.2, when Kerberos PAM is enabled, do not require a password, which allows remote attackers to bypass authentication by leveraging knowledge of a valid account name.)
Original documentdocumentEMC, ESA-2014-027: RSA® NetWitness and RSA® Security Analytics Authentication Bypass Vulnerability (15.05.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod