CVE-2013-3271

EMC RSA Authentication Agent for PAM <7.0.2.1 - Info Disclosure

Title source: llm
STIX 2.1

Description

EMC RSA Authentication Agent for PAM 7.0 before 7.0.2.1 enforces the maximum number of login attempts within the PAM-enabled application codebase, instead of within the Agent codebase, which makes it easier for remote attackers to discover correct login credentials via a brute-force attack.

References (1)

Core 1
Core References
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2013-08/0123.html

Scores

EPSS 0.0027
EPSS Percentile 51.0%

Details

CWE
CWE-255
Status published
Products (3)
emc/rsa_authentication_agent 7.0.0
emc/rsa_authentication_agent 7.0.1
emc/rsa_authentication_agent 7.0.2
Published Aug 28, 2013
Tracked Since Feb 18, 2026