PT-2017-18063 · Rsa+1 · Rsa Via Lifecycle/Governance+2
Publicado
2017-07-17
·
Atualizado
2021-08-06
·
CVE-2017-8005
CVSS v3.1
5.4
Média
| Vetor | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
EMC RSA Identity Governance and Lifecycle versions 7.0.1 through 7.0.2
RSA Via Lifecycle and Governance version 7.0
RSA Identity Management and Governance (RSA IMG) version 6.9.1
Description
The issue concerns multiple stored cross-site scripting vulnerabilities. Remote authenticated malicious users could potentially inject arbitrary HTML code to the application.
Recommendations
For EMC RSA Identity Governance and Lifecycle versions 7.0.1 and 7.0.2, update to a version that includes the fix for the stored cross-site scripting vulnerabilities.
For RSA Via Lifecycle and Governance version 7.0, update to a version that includes the fix for the stored cross-site scripting vulnerabilities.
For RSA Identity Management and Governance (RSA IMG) version 6.9.1, update to a version that includes the fix for the stored cross-site scripting vulnerabilities.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Rsa Identity Governance/Lifecycle
Rsa Identity Management/Governance
Rsa Via Lifecycle/Governance