Vulnerability Description
EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) version 6.9.1 (all patch levels) have Stored Cross Site Scripting vulnerabilities that could potentially be exploited by malicious users to compromise an affected system.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Emc | Rsa Identity Governance And Lifecycle | 7.0.1 |
| Emc | Rsa Identity Management And Governance | 6.9.1 |
| Rsa | Rsa Via Lifecycle And Governance | 7.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/archive/1/540693/30/0/threadedBroken LinkThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/98968Broken LinkThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038648Broken LinkThird Party AdvisoryVDB Entry
- https://web.archive.org/web/20210116013250/http://www.securityfocus.com/archive/Third Party Advisory
- http://www.securityfocus.com/archive/1/540693/30/0/threadedBroken LinkThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/98968Broken LinkThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038648Broken LinkThird Party AdvisoryVDB Entry
FAQ
What is CVE-2017-5004?
CVE-2017-5004 is a vulnerability with a CVSS score of 5.4 (MEDIUM). EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) ve...
How severe is CVE-2017-5004?
CVE-2017-5004 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-5004?
Check the references section above for vendor advisories and patch information. Affected products include: Emc Rsa Identity Governance And Lifecycle, Emc Rsa Identity Management And Governance, Rsa Rsa Via Lifecycle And Governance.