CVE-2014-0643 Information

Description

EMC RSA NetWitness before 9.8.5.19 and RSA Security Analytics before 10.2.4 and 10.3.x before 10.3.2 when Kerberos PAM is enabled do not require a password which allows remote attackers to bypass authentication by leveraging knowledge of a valid account name.

Reference

http://archives.neohapsis.com/archives/bugtraq/2014-05/0052.html