PT-2013-4267 · Emc · Emc Rsa Authentication Agent For Pam

Published

2013-08-28

Updated

2013-10-07

CVE-2013-3271

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions EMC RSA Authentication Agent for PAM version 7.0 through 7.0.2.0

Description The issue makes it easier for remote attackers to discover correct login credentials via a brute-force attack because the maximum number of login attempts is enforced within the PAM-enabled application codebase instead of within the Agent codebase.

Recommendations For EMC RSA Authentication Agent for PAM versions 7.0 through 7.0.2.0, update to version 7.0.2.1 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2013-3271

Affected Products

Emc Rsa Authentication Agent For Pam

PT-2013-4267 · Emc · Emc Rsa Authentication Agent For Pam

CVE-2013-3271

Weakness Enumeration

Related Identifiers

Affected Products

References · 2