CVE-2013-7292 Information

Description

VASCO IDENTIKEY Authentication Server (IAS) 3.4.x allows remote authenticated users to bypass Active Directory (AD) authentication by entering only a DIGIPASS one-time password instead of the intended combination of this one-time password and a multiple-time AD password.

Reference

http://www.kb.cert.org/vuls/id/612076