PT-2017-18063 · Rsa+1 · Rsa Via Lifecycle/Governance+2
Published
2017-07-17
·
Updated
2021-08-06
·
CVE-2017-8005
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
EMC RSA Identity Governance and Lifecycle versions 7.0.1 through 7.0.2
RSA Via Lifecycle and Governance version 7.0
RSA Identity Management and Governance (RSA IMG) version 6.9.1
Description
The issue concerns multiple stored cross-site scripting vulnerabilities. Remote authenticated malicious users could potentially inject arbitrary HTML code to the application.
Recommendations
For EMC RSA Identity Governance and Lifecycle versions 7.0.1 and 7.0.2, update to a version that includes the fix for the stored cross-site scripting vulnerabilities.
For RSA Via Lifecycle and Governance version 7.0, update to a version that includes the fix for the stored cross-site scripting vulnerabilities.
For RSA Identity Management and Governance (RSA IMG) version 6.9.1, update to a version that includes the fix for the stored cross-site scripting vulnerabilities.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Rsa Identity Governance/Lifecycle
Rsa Identity Management/Governance
Rsa Via Lifecycle/Governance