ESA-2014-160: RSA® Adaptive Authentication (On-Premise) Authentication Bypass Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-160: RSA® Adaptive Authentication On-Premise Authentication Bypass Vulnerability EMC Identifier: ESA-2014-160 CVE Identifier: CVE-2014-4631 Severity Rating: CVSS: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Affected Products: RSA Adaptive Authentication...

CVE-2014-4631

RSA Adaptive Authentication On-Premise 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone Authentify functionality, conducts permanent device binding even when authentication fails, which...

Authentication flaw

RSA Adaptive Authentication On-Premise 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone Authentify functionality, conducts permanent device binding even when authentication fails, which...