PT-2014-6026 · Emc+1 · Rsa Identity Management/Governance+1
Published
2014-08-28
·
Updated
2017-08-29
·
CVE-2014-4619
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
EMC RSA Identity Management and Governance (IMG) versions 6.5.x through 6.5.1 P10
EMC RSA Identity Management and Governance (IMG) version 6.5.2 through 6.5.2 P01
EMC RSA Identity Management and Governance (IMG) versions 6.8.x through 6.8.1 P06
Description
The issue allows remote attackers to bypass authentication via an arbitrary valid
username. This occurs when Novell Identity Manager is used.Recommendations
For versions 6.5.x through 6.5.1 P10, update to version 6.5.1 P11 or later.
For version 6.5.2 through 6.5.2 P01, update to version 6.5.2 P02HF01 or later.
For versions 6.8.x through 6.8.1 P06, update to version 6.8.1 P07 or later.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Rsa Identity Management/Governance
Novell Identity Manager