CVE-2014-4619

EUVD-2014-4545
EMC RSA Identity Management and Governance (IMG) 6.5.x before 6.5.1 P11, 6.5.2 before P02HF01, and 6.8.x before 6.8.1 P07, when Novell Identity Manager (aka NovellIM) is used, allows remote attackers to bypass authentication via an arbitrary valid username.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
Affected Products (NVD)
VendorProductVersion
emcrsa_identity_management_and_governance
6.5.0
emcrsa_identity_management_and_governance
6.5.1
emcrsa_identity_management_and_governance
6.5.2
emcrsa_identity_management_and_governance
6.8.0
emcrsa_identity_management_and_governance
6.8.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2014-08/0133.html
http://packetstormsecurity.com/files/128005/RSA-Identity-Management-And-Governance-Authentication-Bypass.html
http://secunia.com/advisories/60281
http://www.securityfocus.com/bid/69411
http://www.securitytracker.com/id/1030759
https://exchange.xforce.ibmcloud.com/vulnerabilities/95483
http://archives.neohapsis.com/archives/bugtraq/2014-08/0133.html
http://packetstormsecurity.com/files/128005/RSA-Identity-Management-And-Governance-Authentication-Bypass.html
http://secunia.com/advisories/60281
http://www.securityfocus.com/bid/69411
http://www.securitytracker.com/id/1030759
https://exchange.xforce.ibmcloud.com/vulnerabilities/95483