Vulnerability in Emc Rsa_identity_governance_and_lifecycle

CVE-2018-11049

RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontrolled search vulnerability. The installation scripts set an environment variable in an unintended manner. A local authenticated ma…

EPSS: 0.004 (35.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.3 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2018-11049?
CVE-2018-11049 is a high-severity vulnerability in Emc Rsa_identity_governance_and_lifecycle, classified under Uncontrolled Search Path Element. CVSS score: 7.3/10. Published 2018-07-11.
How severe is CVE-2018-11049?
High severity. CVSS v3 base score is 7.3 out of 10.