HIGH🇬🇧 English

CVE-2015-0532

CVSS 7.5v2.0pub. 2015-05-01upd. 2026-05-06

EMC RSA Identity Management and Governance (IMG) 6.9 before P04 and 6.9.1 before P01 does not properly restrict password resets, which allows remote attackers to obtain access via crafted use of the reset process for an arbitrary valid account name, as demonstrated by a privileged account.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Emc Rsa Identity Management And Governance

    APP
    Emc
    6.9.06.9.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2018-11049HIGH7.3ten sam produkt

RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontro...

CVE-2018-1182HIGH7.8ten sam produkt

An issue was discovered in EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels (...

CVE-2017-8004HIGH7.2ten sam produkt

The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance and RSA IMG products (RSA Iden...

CVE-2014-4619HIGH9.3ten sam produkt

EMC RSA Identity Management and Governance (IMG) 6.5.x before 6.5.1 P11, 6.5.2 before P02HF01, and 6.8.x befor...

CVE-2017-8005MEDIUM5.4ten sam produkt

The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG products (RSA Ide...