The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance and RSA IMG products (RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels; RSA Via Lifecycle and Governance version 7.0, all patch levels; RSA Identity Management and Governance (RSA IMG) versions 6.9.1, all patch levels) allow an application administrator to upload arbitrary files that may potentially contain a malicious code. The malicious file could be then executed on the affected system with the privileges of the user the application is running under.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2017/Jul/24 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/99591 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1038877 | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2017-07-17T14:00:00
Updated: 2017-07-18T09:57:01
Reserved: 2017-04-21T00:00:00
Link: CVE-2017-8004
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-07-17T14:29:01.140
Modified: 2021-08-06T13:12:18.373
Link: CVE-2017-8004
JSON object: View
Redhat Information
No data.
CWE