CVE-2017-5003

Опубликовано: 09 июн. 2017

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) version 6.9.1 (all patch levels) have Reflected Cross Site Scripting vulnerabilities that could potentially be exploited by malicious users to compromise an affected system.

Ссылки

http://www.securityfocus.com/archive/1/540693/30/0/threaded
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/98974
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038648
Broken Link
Third Party Advisory
VDB Entry
https://web.archive.org/web/20210116013250/http://www.securityfocus.com/archive/1/540693/30/0/threaded
Third Party Advisory
http://www.securityfocus.com/archive/1/540693/30/0/threaded
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/98974
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038648
Broken Link
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:emc:rsa_identity_governance_and_lifecycle:7.0.1:*:*:*:*:*:*:*

cpe:2.3:a:emc:rsa_identity_governance_and_lifecycle:7.0.2:*:*:*:*:*:*:*

cpe:2.3:a:emc:rsa_identity_management_and_governance:6.9.1:*:*:*:*:*:*:*

cpe:2.3:a:rsa:rsa_via_lifecycle_and_governance:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 51%

0.00285

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-9pwr-594w-vfp8