PT-2015-4696 · EMC · RSA Identity Management/Governance
Published: 2015-05-01 · Updated: 2016-04-01 · CVE-2015-0532
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
EMC RSA Identity Management and Governance (IMG) versions 6.9 before P04 and 6.9.1 before P01
Description
The issue allows remote attackers to obtain access via crafted use of the password reset process for an arbitrary valid account name, potentially affecting privileged accounts. This is due to improper restriction of password resets.
Recommendations
For versions 6.9 before P04, apply patch P04 to resolve the issue.
For versions 6.9.1 before P01, apply patch P01 to resolve the issue.
Affected Products
RSA Identity Management/Governance