PT-2016-4472 · Rsa+1 · Rsa Via Lifecycle/Governance+1

Published

2016-09-24

Updated

2017-07-30

CVE-2016-0918

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions EMC RSA Identity Management and Governance versions prior to 6.8.1 P25 EMC RSA Identity Management and Governance versions 6.9.x prior to 6.9.1 P15 RSA Via Lifecycle and Governance versions prior to 7.0.0 P04

Description The issue allows remote authenticated users to obtain User Detail Popup information via a modified URL.

Recommendations For EMC RSA Identity Management and Governance versions prior to 6.8.1 P25, update to version 6.8.1 P25 or later. For EMC RSA Identity Management and Governance versions 6.9.x prior to 6.9.1 P15, update to version 6.9.1 P15 or later. For RSA Via Lifecycle and Governance versions prior to 7.0.0 P04, update to version 7.0.0 P04 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2016-0918

Affected Products

Rsa Identity Management/Governance

Rsa Via Lifecycle/Governance

PT-2016-4472 · Rsa+1 · Rsa Via Lifecycle/Governance+1

CVE-2016-0918

Weakness Enumeration

Related Identifiers

Affected Products

References · 5