CVE-2017-5004

EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) version 6.9.1 (all patch levels) have Stored Cross Site Scripting vulnerabilities that could potentially be exploited by malicious users to compromise an affected system.
References
Link Resource
http://www.securityfocus.com/archive/1/540693/30/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/98968 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038648 Broken Link Third Party Advisory VDB Entry
https://web.archive.org/web/20210116013250/http://www.securityfocus.com/archive/1/540693/30/0/threaded Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:emc:rsa_identity_governance_and_lifecycle:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:emc:rsa_identity_governance_and_lifecycle:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:emc:rsa_identity_management_and_governance:6.9.1:*:*:*:*:*:*:*
cpe:2.3:a:rsa:rsa_via_lifecycle_and_governance:7.0:*:*:*:*:*:*:*

History

29 Apr 2022, 14:57

Type Values Removed Values Added
References
  • (MISC) https://web.archive.org/web/20210116013250/http://www.securityfocus.com/archive/1/540693/30/0/threaded - Third Party Advisory
References (CONFIRM) http://www.securityfocus.com/archive/1/540693/30/0/threaded - Third Party Advisory, VDB Entry (CONFIRM) http://www.securityfocus.com/archive/1/540693/30/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References (BID) http://www.securityfocus.com/bid/98968 - Third Party Advisory, VDB Entry (BID) http://www.securityfocus.com/bid/98968 - Broken Link, Third Party Advisory, VDB Entry
References (SECTRACK) http://www.securitytracker.com/id/1038648 - (SECTRACK) http://www.securitytracker.com/id/1038648 - Broken Link, Third Party Advisory, VDB Entry
CVSS v2 : 4.3
v3 : 6.1
v2 : 3.5
v3 : 5.4

06 Aug 2021, 13:12

Type Values Removed Values Added
CPE cpe:2.3:a:emc:rsa_via_lifecycle_and_governance:7.0:*:*:*:*:*:*:* cpe:2.3:a:rsa:rsa_via_lifecycle_and_governance:7.0:*:*:*:*:*:*:*

Information

Published : 2017-06-09 21:29

Updated : 2023-12-10 12:15


NVD link : CVE-2017-5004

Mitre link : CVE-2017-5004

CVE.ORG link : CVE-2017-5004


JSON object : View

Products Affected

emc

  • rsa_identity_governance_and_lifecycle
  • rsa_identity_management_and_governance

rsa

  • rsa_via_lifecycle_and_governance
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')