Vulnerability Description
The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a Session Fixation vulnerability. An authenticated malicious local user could potentially exploit this vulnerability because the session token is exposed as part of the URL. A remote attacker can gain access to the victim's session and perform arbitrary actions with the privileges of the user within the compromised session.
Affected Platforms (CPE)
RSA Identity Governance and Lifecycle = 7.0
RSA Identity Governance and Lifecycle = 7.0.1
RSA Identity Governance and Lifecycle = 7.0.2
RSA Identity Governance and Lifecycle = 7.1.0
RSA Identity Governance and Lifecycle = 7.1.1