Rsbac: >> Rule Set Based Access Control >> 1.0 Security Vulnerabilities
Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes.
CVSS Score
6.4
EPSS Score
0.005
Published
2007-07-23