Vulnerability Description
EMC RSA Authentication Agent 7.1.x before 7.1.2 on Windows does not enforce the Quick PIN Unlock timeout feature, which allows physically proximate attackers to bypass the passcode requirement for a screensaved session by entering a PIN after timeout expiration.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rsa | Authentication Agent For Windows | 7.1 |
| Microsoft | Windows 2003 Server | All versions |
| Microsoft | Windows Xp | All versions |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2013-03/0001.html
- http://archives.neohapsis.com/archives/bugtraq/2013-03/0001.html
FAQ
What is CVE-2013-0931?
CVE-2013-0931 is a vulnerability with a CVSS score of 5.4 (MEDIUM). EMC RSA Authentication Agent 7.1.x before 7.1.2 on Windows does not enforce the Quick PIN Unlock timeout feature, which allows physically proximate attackers to bypass the passcode requirement for a s...
How severe is CVE-2013-0931?
CVE-2013-0931 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-0931?
Check the references section above for vendor advisories and patch information. Affected products include: Rsa Authentication Agent For Windows, Microsoft Windows 2003 Server, Microsoft Windows Xp.