The Risk Based Access functionality in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.2 before FP9 does not prevent reuse of One Time Password (OTP) tokens, which makes it easier for remote authenticated users to complete transactions by leveraging access to an already-used token.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ibm
Published: 2014-01-21T01:00:00
Updated: 2017-08-28T12:57:01
Reserved: 2013-08-22T00:00:00
Link: CVE-2013-5429
JSON object: View
NVD Information
Status : Modified
Published: 2014-01-21T01:55:03.527
Modified: 2017-08-29T01:33:46.933
Link: CVE-2013-5429
JSON object: View
Redhat Information
No data.
CWE