
ESA-2014-027: RSA NetWitness and RSA Security Analytics Authentication Bypass Vulnerability

Tags: RSA NetWitness Platform, Security Advisories

Advisory Type

Security


Advisory Content

EMC Identifier: ESA-2014-027

CVE Identifier: CVE-2014-0643

Severity Rating: CVSS v2 Base Score: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)

Affected Products: RSA NetWitness 9.8.5.17 or earlier, RSA Security Analytics 10.2.3 or earlier, RSA Security Analytics 10.3.1 or earlier

 

Unaffected Products: RSA Security Analytics 10.2.4 or greater, RSA Security Analytics 10.3.2 or greater

 

Summary: 

RSA NetWitness and RSA Security Analytics have a security fix to address an authentication bypass vulnerability.

Details: 

RSA NetWitness and RSA Security Analytics each contain a security fix for an authentication bypass vulnerability that could potentially be exploited to compromise the affected system. When PAM for Kerberos is enabled, an attacker can authenticate to the vulnerable system with a valid user name and without specifying a password.  This issue does not affect other authentication methods.

Further information about this resolution and other fixes can be found in the Release Notes.

Recommendation:

RSA strongly recommends that RSA NetWitness and RSA Security Analytics customers upgrade to one of the versions listed below, which contain the resolution for this issue.

  • RSA NetWitness 9.8.5.19
  • RSA Security Analytics 10.2.4
  • RSA Security Analytics 10.3.2