CVE-2019-3759

MEDIUM

RSA Identity Governance and Lifecycle < 7.1.0 P08 - Authenticated Code Injection via Groovy Script Execution


Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-3759. PoCs published by Jakub Palaczynski.

AI-analyzed exploit summary: This exploit demonstrates an authenticated remote code execution vulnerability in RSA IG&L Aveksa 7.1.1 by bypassing authorization to access the Workpoint Architect module, which allows execution of arbitrary Groovy scripts. The PoC includes steps to extract credentials, authenticate, create a malicious script, and execute it to run system commands.

Description

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a code injection vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to run custom Groovy scripts to gain limited access to view or modify information on the Workflow system.

Exploits (1)

exploitdb WORKING POC
by Jakub Palaczynski · text · webapps · multiple
https://www.exploit-db.com/exploits/48639


Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: RSA Identity Governance & Lifecycle 7.1.1 (prior to P02)
Auth required
Prerequisites: Valid credentials for Aveksa login · Access to the Workpoint Architect module · Ability to extract Architect credentials from the application
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Various Sources x_refsource_misc
https://community.rsa.com/docs/DOC-106943

Scores

CVSS v3 6.4
EPSS 0.0323
EPSS Percentile 86.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Details

CWE CWE-94
Status published
Products (5)
dell/rsa_identity_governance_and_lifecycle 7.0.1 (7 CPE variants)
dell/rsa_identity_governance_and_lifecycle 7.0.2 (15 CPE variants)
dell/rsa_identity_governance_and_lifecycle 7.1.0 (8 CPE variants)
dell/rsa_identity_governance_and_lifecycle 7.1.1 (2 CPE variants)
dell/rsa_via_lifecycle_and_governance 7.0.0 (6 CPE variants)
Published Sep 11, 2019
Tracked Since Feb 18, 2026