EMC RSA Identity Management and Governance (IMG) 6.9 before P04 and 6.9.1 before P01 does not properly restrict password resets, which allows remote attackers to obtain access via crafted use of the reset process for an arbitrary valid account name, as demonstrated by a privileged account.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2015-05-01T10:00:00
Updated: 2015-05-04T17:57:01
Reserved: 2014-12-17T00:00:00
Link: CVE-2015-0532
JSON object: View
NVD Information
Status : Analyzed
Published: 2015-05-01T10:59:00.073
Modified: 2016-04-01T01:05:07.263
Link: CVE-2015-0532
JSON object: View
Redhat Information
No data.
CWE