返回
-
标题
Is NCPass affected by any RSA Vulnerabilities from the Authentication agent API/SDK ? -
说明
Is NCPass affected by any RSA Vulnerabilities from the Authentication agent API/SDK ?
e.g CVE-2017-14378
-
原因
NC-Pass does not use any RSA API/SDK components. -
解决办法
The RSA auth agent brokers the auth request to a different platform ( Unix or Windows ) running the RSA ACE server. The application requesting the 2 factor authentication communicates with the auth agent using an API or the RSA SDK.NC-Pass manages the authentication process entirely by itself, without using any ACE server for the authentication. The auth process happens entirely on the IBM zSeries platform, so because there is no use of any RSA authentication agents, so this vulnerability CVE-2017-14378 is not applicable.