CVE-2018-1245 is a vulnerability in EMC Rsa Identity Governance Lifecycle
Published on July 13, 2018
Authorization ByPass Vulnerability
RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization bypass vulnerability within the workflow architect component (ACM). A remote authenticated malicious user with non-admin privileges could potentially bypass the Java Security Policies. Once bypassed, a malicious user could potentially run arbitrary system commands at the OS level with application owner privileges on the affected system.
Products Associated with CVE-2018-1245
Want to know whenever a new CVE is published for EMC Rsa Identity Governance Lifecycle? stack.watch will email you.
Affected Versions
RSA Identity Governance and Lifecycle:- Version version 7.0.1, all patch levels is affected.
- Version version 7.0.2, all patch levels is affected.
- Version version 7.1.0, all patch levels is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.