RSS   Vulnerabilities for
'Rsa via lifecycle and governance'
   RSS

2018-07-11
 
CVE-2018-11049

CWE-427
 

 
RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontrolled search vulnerability. The installation scripts set an environment variable in an unintended manner. A local authenticated malicious user could trick the root user to run malicious code on the targeted system.

 
2018-03-08
 
CVE-2018-1182

CWE-269
 

 
An issue was discovered in EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels (hardware appliance and software bundle deployments only); RSA Via Lifecycle and Governance version 7.0, all patch levels (hardware appliance and software bundle deployments only); RSA Identity Management & Governance (RSA IMG) versions 6.9.0, 6.9.1, all patch levels (hardware appliance and software bundle deployments only). It allows certain OS level users to execute arbitrary scripts with root level privileges.

 
2017-07-17
 
CVE-2017-8005

 

 
The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG products (RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels; RSA Via Lifecycle and Governance version 7.0, all patch levels; RSA Identity Management and Governance (RSA IMG) versions 6.9.1, all patch levels) are affected by multiple stored cross-site scripting vulnerabilities. Remote authenticated malicious users could potentially inject arbitrary HTML code to the application.

 
 
CVE-2017-8004

 

 
The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance and RSA IMG products (RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels; RSA Via Lifecycle and Governance version 7.0, all patch levels; RSA Identity Management and Governance (RSA IMG) versions 6.9.1, all patch levels) allow an application administrator to upload arbitrary files that may potentially contain a malicious code. The malicious file could be then executed on the affected system with the privileges of the user the application is running under.

 
2017-06-09
 
CVE-2017-5004

 

 
EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) version 6.9.1 (all patch levels) have Stored Cross Site Scripting vulnerabilities that could potentially be exploited by malicious users to compromise an affected system.

 
 
CVE-2017-5003

 

 
EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) version 6.9.1 (all patch levels) have Reflected Cross Site Scripting vulnerabilities that could potentially be exploited by malicious users to compromise an affected system.

 
2016-09-24
 
CVE-2016-0918

 

 
EMC RSA Identity Management and Governance before 6.8.1 P25 and 6.9.x before 6.9.1 P15 and RSA Via Lifecycle and Governance before 7.0.0 P04 allow remote authenticated users to obtain User Detail Popup information via a modified URL.

 

 >>> Vendor: EMC 177 Products
Networker
Retrospect client
Legato networker
Eroom
Navisphere manager
Retrospect
Rsa security sitekey
Data domain os
Vmware
Vmware server
Replistor
Vmware player
Documentum administrator
Documentum webtop
Diskxtender
Alphastor
Dantz retrospect backup server
Centera universal access
Documentum applicationxtender
Documentum applicationxtender workflow manager
Control center
Networker client
Networker module
Networker powersnap
Networker server
Networker storage node
Autostart
Captiva pixtools distributed imaging
Homebase server
Rsa key manager client
Avamar
Disk library
Celerra network attached storage
Replication manager
Data protection advisor collector
Rsa adaptive authentication on-premise
Data loss prevention enterprise manager
Sourceone email management
Documentum eroom
Data protection advisor
Captiva einput
Ionix acm
Ionix asam
Ionix ip
Rsa key manager appliance
Documentum content server
Documentum xplore
Documentum information rights management
Documentum applicationxtender desktop
Captiva quickscan pro
Celerra network server
VNX
VNXE
Lifeline
Applicationxtender desktop
Applicationxtender web access .net
Cloud tiering appliance virtual edition
Cloud tiering appliance
Rsa authentication agent
Rsa authentication client
Networker module for microsoft applications
Rsa data protection manager software server
Rsa data protection manager appliance
It operations intelligence
Rsa netwitness informer
Avamar plugin
Rsa archer egrc
Rsa archer smartsuite
Smarts network configuration manager
Smarts ip manager
Smarts mpls manager
Smarts network protocol manager
Smarts server manager
Smarts services assurance manager
Smarts voip availability manager
Documentum records manager
Documentum taskspace
Documentum wdk
Celerra control station
Vnx control station
Avamar server
Avamar server virtual edition
Geosynchrony
Vplex geo
Vplex local
Vplex metro
Atmos
Unisphere
Documentum capital projects
Documentum digital asset manager
Documentum web publisher
Document sciences xpression
Rsa netwitness nextgen
Rsa security analytics
Connectrix manager
Watch4net
Documentum foundation services
Rsa bsafe ssl-j
Rsa data loss prevention
Rsa bsafe
See all Products for Vendor EMC


Copyright 2024, cxsecurity.com

 

Back to Top