The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a code injection vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to run custom Groovy scripts to gain limited access to view or modify information on the Workflow system.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2019-09-09T00:00:00
Updated: 2020-08-31T15:12:36
Reserved: 2019-01-03T00:00:00
Link: CVE-2019-3759
JSON object: View
NVD Information
Status : Modified
Published: 2019-09-11T20:15:11.410
Modified: 2020-08-31T16:15:13.553
Link: CVE-2019-3759
JSON object: View
Redhat Information
No data.
CWE