PT-2007-5165 · Linux +1 · Linux Kernel +1
Published: 2007-07-23 · Updated: 2023-06-20 · CVE-2007-3945
CVSS v2.0: 6.4 (Medium)
Base vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Affected Products: Linux Kernel, RSBAC
Name of the Vulnerable Software and Affected Versions:
Rule Set Based Access Control (RSBAC) versions prior to 1.3.5
Description:
The issue allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes. This is due to the improper use of the Linux Kernel Crypto API for the Linux kernel 2.6.x.
Recommendations:
For versions prior to 1.3.5, update to version 1.3.5 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the system to minimize the risk of exploitation.