CVE-2012-0400

EMC RSA enVision <4.1.4 - Auth Bypass

Title source: llm

Description

EMC RSA enVision 4.x before 4.1 Patch 4 does not properly restrict the number of failed authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.

References (6)

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2012-03/0081.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/74140

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/52557

[Third Party Advisory, VDB Entry] http://osvdb.org/80207

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1026819

[Third Party Advisory] http://secunia.com/advisories/48484

Scores

EPSS 0.0096

EPSS Percentile 76.3%

Classification

CWE

CWE-287

Status draft

Affected Products (5)

rsa/envision

Timeline

Published Mar 20, 2012

Tracked Since Feb 18, 2026