CVE-2018-1182

Name of the Vulnerable Software and Affected Versions EMC RSA Identity Governance and Lifecycle versions 7.0.1 through 7.0.2 RSA Via Lifecycle and Governance version 7.0 RSA Identity Management & Governance (RSA IMG) versions 6.9.0 through 6.9.1

Description An issue allows certain OS level users to execute arbitrary scripts with root level privileges.

Recommendations For EMC RSA Identity Governance and Lifecycle versions 7.0.1 and 7.0.2, restrict access to root level privileges to minimize the risk of exploitation. For RSA Via Lifecycle and Governance version 7.0, consider disabling script execution for non-privileged OS level users until a fix is available. For RSA Identity Management & Governance (RSA IMG) versions 6.9.0 and 6.9.1, limit the execution of arbitrary scripts to prevent potential attacks.