You are here

V-223: RSA Authentication Agent for PAM Allows Remote Users to Make Unlimited Login Attempts

August 21, 2013 - 6:00am

Addthis

PROBLEM:

A vulnerability was reported in RSA Authentication Agent for PAM

PLATFORM:

RSA Authentication Agent for PAM 7.0.2 and prior

ABSTRACT:

A remote user can make unlimited login attempts

REFERENCE LINKS:

Security Tracker Alert ID 1028930
CVE-2013-3271

IMPACT ASSESSMENT:

Medium

DISCUSSION:

The system does not restrict the number of login attempts made via the agent

IMPACT:

System Access

SOLUTION:

Vendor has issued a fix

Addthis