CVE-2016-0918
Summary
| CVE | CVE-2016-0918 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2016-09-24 10:59:00 UTC |
| Updated | 2017-07-30 01:29:00 UTC |
| Description | EMC RSA Identity Management and Governance before 6.8.1 P25 and 6.9.x before 6.9.1 P15 and RSA Via Lifecycle and Governance before 7.0.0 P04 allow remote authenticated users to obtain User Detail Popup information via a modified URL. |
Risk And Classification
Problem Types: CWE-200
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Emc | Rsa Identity Management And Governance | 6.9.0 | All | All | All |
| Application | Emc | Rsa Identity Management And Governance | 6.9.1 | All | All | All |
| Application | Emc | Rsa Identity Management And Governance | 6.9.0 | All | All | All |
| Application | Emc | Rsa Identity Management And Governance | 6.9.1 | All | All | All |
| Application | Emc | Rsa Identity Management And Governance | All | All | All | All |
| Application | Emc | Rsa Via Lifecycle And Governance | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| RSA Identity Management and Governance Flaw Lets Remote Authenticated Users Obtain Information About Other User Accounts - SecurityTracker | SECTRACK | www.securitytracker.com | |
| Bugtraq: ESA-2016-097: RSA Identity Governance and Lifecycle Information Disclosure Vulnerability | BUGTRAQ | seclists.org | Third Party Advisory, VDB Entry |
| Multiple EMC Products CVE-2016-0918 Information Disclosure Vulnerability | BID | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.