CVE-2013-0931

2013-03-05T22:03:00
ID CVE-2013-0931
Type cve
Reporter cve@mitre.org
Modified 2013-03-06T05:00:00

Description

EMC RSA Authentication Agent 7.1.x before 7.1.2 on Windows does not enforce the Quick PIN Unlock timeout feature, which allows physically proximate attackers to bypass the passcode requirement for a screensaved session by entering a PIN after timeout expiration. Per http://archives.neohapsis.com/archives/bugtraq/2013-03/att-0001/ESA-2013-012.txt "Affected Products:

Product: RSA Authentication Agent for Microsoft Windows version 7.1 and 7.1.1

Platforms: Windows XP and Windows 2003"