EMC RSA NetWitness before 9.8.5.19 and RSA Security Analytics before 10.2.4 and 10.3.x before 10.3.2, when Kerberos PAM is enabled, do not require a password, which allows remote attackers to bypass authentication by leveraging knowledge of a valid account name.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2014-05/0052.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2014-05-16T10:00:00
Updated: 2014-05-16T02:57:01
Reserved: 2014-01-02T00:00:00
Link: CVE-2014-0643
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-05-16T11:11:59.383
Modified: 2018-12-12T16:27:27.150
Link: CVE-2014-0643
JSON object: View
Redhat Information
No data.
CWE