Vulnerability Description
EMC RSA Identity Management and Governance before 6.8.1 P25 and 6.9.x before 6.9.1 P15 and RSA Via Lifecycle and Governance before 7.0.0 P04 allow remote authenticated users to obtain User Detail Popup information via a modified URL.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Emc | Rsa Identity Management And Governance | <= 6.8.1 |
| Emc | Rsa Via Lifecycle And Governance | <= 7.0.0 |
Related Weaknesses (CWE)
References
- http://seclists.org/bugtraq/2016/Sep/52Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/93108
- http://www.securitytracker.com/id/1036896
- http://seclists.org/bugtraq/2016/Sep/52Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/93108
- http://www.securitytracker.com/id/1036896
FAQ
What is CVE-2016-0918?
CVE-2016-0918 is a vulnerability with a CVSS score of 4.3 (MEDIUM). EMC RSA Identity Management and Governance before 6.8.1 P25 and 6.9.x before 6.9.1 P15 and RSA Via Lifecycle and Governance before 7.0.0 P04 allow remote authenticated users to obtain User Detail Popu...
How severe is CVE-2016-0918?
CVE-2016-0918 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-0918?
Check the references section above for vendor advisories and patch information. Affected products include: Emc Rsa Identity Management And Governance, Emc Rsa Via Lifecycle And Governance.