Information disclosure in Emc Rsa_identity_management_and_governance

CVE-2016-0918

EMC RSA Identity Management and Governance before 6.8.1 P25 and 6.9.x before 6.9.1 P15 and RSA Via Lifecycle and Governance before 7.0.0 P04 allow remote authenticated users to obtain User Detail Popup information via a modified URL.

Vulnerability class: Information Disclosure

EPSS: 0.011 (62.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2016-0918?
CVE-2016-0918 is a medium-severity vulnerability in Emc Rsa_identity_management_and_governance, classified under Information Disclosure. CVSS score: 4.3/10. Published 2016-09-24.
How severe is CVE-2016-0918?
Medium severity. CVSS v3 base score is 4.3 out of 10.