Description
EMC RSA enVision 4.x before 4.1 Patch 4 does not properly restrict the number of failed authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/52557
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/48484
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1026819
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/80207
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/74140
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-03/0081.html
Scores
EPSS
0.0135
EPSS Percentile
68.1%
Details
CWE
CWE-287
Status
published
Products (2)
rsa/envision
4.0 sp1 (4 CPE variants)
rsa/envision
4.1
Published
Mar 20, 2012
Tracked Since
Feb 18, 2026