Computer Security
[EN] securityvulns.ru no-pyccku


RSA NetWitness / RSA Security Analytics authentication bypass
Published:15.05.2014
Source:
SecurityVulns ID:13775
Type:remote
Threat Level:
6/10
Description:Under some conditions, login with empty password is allowed.
Affected:EMC : RSA NetWitness 9.8
 EMC : RSA Security Analytics 10.3
CVE:CVE-2014-0643 (EMC RSA NetWitness before 9.8.5.19 and RSA Security Analytics before 10.2.4 and 10.3.x before 10.3.2, when Kerberos PAM is enabled, do not require a password, which allows remote attackers to bypass authentication by leveraging knowledge of a valid account name.)
Original documentdocumentEMC, ESA-2014-027: RSA® NetWitness and RSA® Security Analytics Authentication Bypass Vulnerability (15.05.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod