Security Bulletin: IBM Tivoli Access Manager - token authentication RSA SecurID library uses weak cryptography (CVE-2013-0941)
IBM PSIRT 270004PFE3 firstname.lastname@example.org | | Tags:  psirtsecurity psirtlow
0 Comments | 800 Visits
This bulletin applies to the WebSEAL component of Tivoli Access Manager for e-business (TAM) systems participating in token authentication. Earlier versions of the Authentication API provided by RSA used poor cryptography in generating keys which are used to encrypt communications between the WebSEAL system and the RSA Server when performing RSA SecurID token authentication.
Affected product(s) and affected version(s):
X-Force Database: http://xforce.iss.net/xforce/xfdb/84319