CVE-2019-3759

Name of the Vulnerable Software and Affected Versions RSA Identity Governance and Lifecycle software versions prior to 7.1.0 P08 RSA Via Lifecycle and Governance products versions prior to 7.1.0 P08

Description The issue allows a remote authenticated malicious user to potentially exploit a code injection vulnerability, enabling them to run custom Groovy scripts. This could result in limited access to view or modify information on the Workflow system.

Recommendations For RSA Identity Governance and Lifecycle software versions prior to 7.1.0 P08, update to version 7.1.0 P08 or later. For RSA Via Lifecycle and Governance products versions prior to 7.1.0 P08, update to version 7.1.0 P08 or later.