PT-2013-2725 · Microsoft+1 · Windows+1

Published

2013-03-05

Updated

2013-03-06

CVE-2013-0931

CVSS v2.0

5.4

Medium

Vector

AV:A/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions EMC RSA Authentication Agent version 7.1.x before 7.1.2 on Windows

Description The issue allows physically proximate attackers to bypass the passcode requirement for a screensaved session by entering a PIN after timeout expiration, due to the lack of enforcement of the Quick PIN Unlock timeout feature.

Recommendations For EMC RSA Authentication Agent version 7.1.x before 7.1.2 on Windows, update to version 7.1.2 or later to enforce the Quick PIN Unlock timeout feature and prevent bypassing the passcode requirement.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-16

Related Identifiers

CVE-2013-0931

Affected Products

Emc Rsa Authentication Agent

Windows

PT-2013-2725 · Microsoft+1 · Windows+1

CVE-2013-0931

Weakness Enumeration

Related Identifiers

Affected Products

References · 2