CVE-2016-0918

MEDIUM

EMC RSA <6.8.1-6.9.1 - Info Disclosure

Title source: llm

Description

EMC RSA Identity Management and Governance before 6.8.1 P25 and 6.9.x before 6.9.1 P15 and RSA Via Lifecycle and Governance before 7.0.0 P04 allow remote authenticated users to obtain User Detail Popup information via a modified URL.

References (3)

[Third Party Advisory, VDB Entry] http://seclists.org/bugtraq/2016/Sep/52

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1036896

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/93108

Scores

CVSS v3 4.3

EPSS 0.0017

EPSS Percentile 38.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Classification

CWE

CWE-200

Status published

Affected Products (5)

emc/rsa_identity_management_and_governance < 6.8.1

emc/rsa_identity_management_and_governance

emc/rsa_via_lifecycle_and_governance < 7.0.0

n/a/n/a

Timeline

Published Sep 24, 2016

Tracked Since Feb 18, 2026