Bypassing Active Directory Authentication in VASCO IDENTIKEY Authentication Server

Bypassing Active Directory Authentication in VASCO IDENTIKEY Authentication Server

CVE-2013-7292 · LOW Severity

AV:N/AC:M/AU:S/C:P/I:N/A:N

VASCO IDENTIKEY Authentication Server (IAS) 3.4.x allows remote authenticated users to bypass Active Directory (AD) authentication by entering only a DIGIPASS one-time password, instead of the intended combination of this one-time password and a multiple-time AD password.

Learn more about our Cis Benchmark Audit For Server Software.