Vulnerability Details CVE-2014-4619
EMC RSA Identity Management and Governance (IMG) 6.5.x before 6.5.1 P11, 6.5.2 before P02HF01, and 6.8.x before 6.8.1 P07, when Novell Identity Manager (aka NovellIM) is used, allows remote attackers to bypass authentication via an arbitrary valid username.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.022
EPSS Ranking 83.8%
CVSS Severity
CVSS v2 Score 9.3
References
- http://archives.neohapsis.com/archives/bugtraq/2014-08/0133.html
- http://packetstormsecurity.com/files/128005/RSA-Identity-Management-And-Governance-Authentication-Bypass.html
- http://secunia.com/advisories/60281
- http://www.securityfocus.com/bid/69411
- http://www.securitytracker.com/id/1030759
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95483
- http://archives.neohapsis.com/archives/bugtraq/2014-08/0133.html
- http://packetstormsecurity.com/files/128005/RSA-Identity-Management-And-Governance-Authentication-Bypass.html
- http://secunia.com/advisories/60281
- http://www.securityfocus.com/bid/69411
- http://www.securitytracker.com/id/1030759
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95483
Products affected by CVE-2014-4619
-
cpe:2.3:a:emc:rsa_identity_management_and_governance:6.5.0
-
cpe:2.3:a:emc:rsa_identity_management_and_governance:6.5.1
-
cpe:2.3:a:emc:rsa_identity_management_and_governance:6.5.2
-
cpe:2.3:a:emc:rsa_identity_management_and_governance:6.8.0
-
cpe:2.3:a:emc:rsa_identity_management_and_governance:6.8.1