Описание
RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:*:*:*:*:*:*:*
cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp1_patch2:*:*:*:*:*:*
cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp1_patch3:*:*:*:*:*:*
cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp2:*:*:*:*:*:*
cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp2_patch1:*:*:*:*:*:*
cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp3:*:*:*:*:*:*
cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp3_p3:*:*:*:*:*:*
cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:7.0:*:*:*:*:*:*:*
cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:7.1:*:*:*:*:*:*:*
cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:7.1:p2:*:*:*:*:*:*
EPSS
Процентиль: 76%
0.00999
Низкий
5 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
EPSS
Процентиль: 76%
0.00999
Низкий
5 Medium
CVSS2
Дефекты
CWE-287