3 matches found
ESA-2014-160: RSA® Adaptive Authentication (On-Premise) Authentication Bypass Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-160: RSA® Adaptive Authentication On-Premise Authentication Bypass Vulnerability EMC Identifier: ESA-2014-160 CVE Identifier: CVE-2014-4631 Severity Rating: CVSS: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Affected Products: RSA Adaptive Authentication...
CVE-2014-4631
RSA Adaptive Authentication On-Premise 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone Authentify functionality, conducts permanent device binding even when authentication fails, which...
CVE-2014-4631
Affected software : RSA Adaptive Authentication On-Premise (6.0.2.1–7.1 P3) and RSA Adaptive Authentication Integration Adapters (1.x/2.x). Issue : When a device binding is requested in a Challenge SOAP call (or via Out-of-Band Phone/Authentify adapters), permanent device binding occurs even if a...