Lucene search

[email protected]NVD:CVE-2014-4619

HistoryAug 28, 2014 - 1:55 a.m.

CVE-2014-4619

2014-08-2801:55:03

CWE-287

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.3%

JSON

EMC RSA Identity Management and Governance (IMG) 6.5.x before 6.5.1 P11, 6.5.2 before P02HF01, and 6.8.x before 6.8.1 P07, when Novell Identity Manager (aka NovellIM) is used, allows remote attackers to bypass authentication via an arbitrary valid username.

Affected configurations

NVD

Node

emcrsa_identity_management_and_governanceMatch6.5.0

emcrsa_identity_management_and_governanceMatch6.5.1

emcrsa_identity_management_and_governanceMatch6.5.2

emcrsa_identity_management_and_governanceMatch6.8.0

emcrsa_identity_management_and_governanceMatch6.8.1

References

archives.neohapsis.com/archives/bugtraq/2014-08/0133.html

packetstormsecurity.com/files/128005/RSA-Identity-Management-And-Governance-Authentication-Bypass.html

secunia.com/advisories/60281

www.securityfocus.com/bid/69411

www.securitytracker.com/id/1030759

exchange.xforce.ibmcloud.com/vulnerabilities/95483

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.3%

JSON

Related for NVD:CVE-2014-4619

securityvulns2 prion1 cve1 cvelist1