EMC RSA Identity Management and Governance (IMG) 6.5.x before 6.5.1 P11, 6.5.2 before P02HF01, and 6.8.x before 6.8.1 P07, when Novell Identity Manager (aka NovellIM) is used, allows remote attackers to bypass authentication via an arbitrary valid username.
https://exchange.xforce.ibmcloud.com/vulnerabilities/95483
http://www.securitytracker.com/id/1030759
http://www.securityfocus.com/bid/69411
http://secunia.com/advisories/60281
http://archives.neohapsis.com/archives/bugtraq/2014-08/0133.html