Bypassing Active Directory Authentication in VASCO IDENTIKEY Authentication Server
CVE-2013-7292 · LOW Severity
AV:N/AC:M/AU:S/C:P/I:N/A:N
VASCO IDENTIKEY Authentication Server (IAS) 3.4.x allows remote authenticated users to bypass Active Directory (AD) authentication by entering only a DIGIPASS one-time password, instead of the intended combination of this one-time password and a multiple-time AD password.
Learn more about our Cis Benchmark Audit For Server Software.