PT-2016-4472 · Rsa+1 · Rsa Via Lifecycle/Governance+1

Publicado

2016-09-24

·

Atualizado

2017-07-30

·

CVE-2016-0918

CVSS v3.1

4.3

Média

VetorAV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions EMC RSA Identity Management and Governance versions prior to 6.8.1 P25 EMC RSA Identity Management and Governance versions 6.9.x prior to 6.9.1 P15 RSA Via Lifecycle and Governance versions prior to 7.0.0 P04
Description The issue allows remote authenticated users to obtain User Detail Popup information via a modified URL.
Recommendations For EMC RSA Identity Management and Governance versions prior to 6.8.1 P25, update to version 6.8.1 P25 or later. For EMC RSA Identity Management and Governance versions 6.9.x prior to 6.9.1 P15, update to version 6.9.1 P15 or later. For RSA Via Lifecycle and Governance versions prior to 7.0.0 P04, update to version 7.0.0 P04 or later.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2016-0918

Produtos afetados

Rsa Identity Management/Governance
Rsa Via Lifecycle/Governance