CVE-2018-1182

An issue was discovered in EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels (hardware appliance and software bundle deployments only); RSA Via Lifecycle and Governance version 7.0, all patch levels (hardware appliance and software bundle deployments only); RSA Identity Management & Governance (RSA IMG) versions 6.9.0, 6.9.1, all patch levels (hardware appliance and software bundle deployments only). It allows certain OS level users to execute arbitrary scripts with root level privileges.
References
Link Resource
http://seclists.org/fulldisclosure/2018/Mar/16 Mailing List Third Party Advisory
http://www.securitytracker.com/id/1040458 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/103317 Third Party Advisory VDB Entry
Configurations

Configuration 1

cpe:2.3:a:emc:rsa_identity_governance_and_lifecycle:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:emc:rsa_identity_management_and_governance:6.9.0:*:*:*:*:*:*:*
cpe:2.3:a:emc:rsa_identity_management_and_governance:6.9.1:*:*:*:*:*:*:*
cpe:2.3:a:emc:rsa_identity_governance_and_lifecycle:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:rsa:rsa_via_lifecycle_and_governance:7.0:*:*:*:*:*:*:*

Information

Published : 2018-03-08 03:29

Updated : 2021-08-06 01:12


NVD link : CVE-2018-1182

Mitre link : CVE-2018-1182

Products Affected
No products.
CWE