CVE-2016-0918
Severity Score
4.3
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
EMC RSA Identity Management and Governance before 6.8.1 P25 and 6.9.x before 6.9.1 P15 and RSA Via Lifecycle and Governance before 7.0.0 P04 allow remote authenticated users to obtain User Detail Popup information via a modified URL.
EMC RSA Identity Management and Governance en versiones anteriores a 6.8.1 P25 y 6.9.x en versiones anteriores a 6.9.1 P15 y RSA Via Lifecycle and Governance en versiones anteriores a 7.0.0 P04 permiten a usuarios remotos autenticados obtener información de User Detail Popup a través de una URL modificada.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-12-17 CVE Reserved
- 2016-09-23 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/bugtraq/2016/Sep/52 | Mailing List |
|
| http://www.securityfocus.com/bid/93108 | Vdb Entry | |
| http://www.securitytracker.com/id/1036896 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Emc Search vendor "Emc" | Rsa Identity Management And Governance Search vendor "Emc" for product "Rsa Identity Management And Governance" | <= 6.8.1 Search vendor "Emc" for product "Rsa Identity Management And Governance" and version " <= 6.8.1" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Rsa Identity Management And Governance Search vendor "Emc" for product "Rsa Identity Management And Governance" | 6.9.0 Search vendor "Emc" for product "Rsa Identity Management And Governance" and version "6.9.0" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Rsa Identity Management And Governance Search vendor "Emc" for product "Rsa Identity Management And Governance" | 6.9.1 Search vendor "Emc" for product "Rsa Identity Management And Governance" and version "6.9.1" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Rsa Via Lifecycle And Governance Search vendor "Emc" for product "Rsa Via Lifecycle And Governance" | <= 7.0.0 Search vendor "Emc" for product "Rsa Via Lifecycle And Governance" and version " <= 7.0.0" | - |
Affected
| ||||||