Information disclosure in Dell Rsa Identity Governance And Lifecycle
CVE-2019-3763
The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain an information exposure vulnerability. The Office 365 user password may get logged in a plain text format in the Of…
EPSS: 0.003 (24.2th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.
Affected products
- Dell Rsa Identity Governance And Lifecycle — versions unspecified, unspecified, 7.0.2
- Dell Rsa_identity_governance_and_lifecycle — versions 7.0.1, 7.0.2, 7.1.0
- Dell Rsa Via Lifecycle And Governance — versions 7.0
- Dell Rsa_via_lifecycle_and_governance — versions 7.0.0
Weakness classification (CWE)
References
- security_alert@emc.com (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2019-3763?
- CVE-2019-3763 is a high-severity vulnerability in Dell Rsa Identity Governance And Lifecycle, classified under Insertion of Sensitive Information into Log File. CVSS score: 8.8/10. Published 2019-09-11.
- How severe is CVE-2019-3763?
- High severity. CVSS v3 base score is 8.8 out of 10.