4 matches found
EUVD-2018-11888
Malware in sbrugna...
Authorization
RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization bypass vulnerability within the workflow architect component ACM. A remote authenticated malicious user with non-admin privileges could potentially bypass the Java Security Policies. Once bypassed, a...
CVE-2018-1245
RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization bypass vulnerability within the workflow architect component ACM. A remote authenticated malicious user with non-admin privileges could potentially bypass the Java Security Policies. Once bypassed, a...
CVE-2018-1255
The CVE-2018-1255 entry concerns RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2, and 7.1.0 that contain a reflected cross-site scripting (XSS) vulnerability. The vulnerability allows a remote, unauthenticated attacker to cause execution of malicious HTML or JavaScript by tricking a v...