返回 CVE 瀏覽器

CVE-2018-1182

HIGH

7.8

CVSS Severity Score

EPSS Score0.1160%

EPSS Percentile43.77th

Published2018年3月8日

Last Modified2024年11月21日

Vulnerability Description

An issue was discovered in EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels (hardware appliance and software bundle deployments only); RSA Via Lifecycle and Governance version 7.0, all patch levels (hardware appliance and software bundle deployments only); RSA Identity Management & Governance (RSA IMG) versions 6.9.0, 6.9.1, all patch levels (hardware appliance and software bundle deployments only). It allows certain OS level users to execute arbitrary scripts with root level privileges.

Affected Platforms (CPE)

📦

Emc

Rsa Identity Governance And Lifecycle

= 7.0.1

📦

Emc

Rsa Identity Governance And Lifecycle

= 7.0.2

📦

Emc

Rsa Identity Management And Governance

= 6.9.0

📦

Emc

Rsa Identity Management And Governance

= 6.9.1

📦

Rsa

Rsa Via Lifecycle And Governance

= 7.0

References & Advisories

🔗 http://seclists.org/fulldisclosure/2018/Mar/16

🔗 http://www.securityfocus.com/bid/103317

🔗 http://www.securitytracker.com/id/1040458

🔗 http://seclists.org/fulldisclosure/2018/Mar/16

🔗 http://www.securityfocus.com/bid/103317

🔗 http://www.securitytracker.com/id/1040458

相關漏洞威脅

CVE-2019-185729.8

The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain an Improper Aut...

CVE-2018-12459.0

RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization bypass vulnerability within the wo...

CVE-2019-185738.8

The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a Session Fixat...

CVE-2019-37638.8

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain an inf...