What is the severity of CVE-2016-0918?

CVE-2016-0918 is rated as a medium severity vulnerability due to the potential disclosure of sensitive user information.

How do I fix CVE-2016-0918?

To remediate CVE-2016-0918, upgrade EMC RSA Identity Management and Governance to versions 6.8.1 P25 or 6.9.1 P15, or RSA Via Lifecycle and Governance to version 7.0.0 P04 or later.

What products are affected by CVE-2016-0918?

CVE-2016-0918 affects EMC RSA Identity Management and Governance versions prior to 6.8.1 P25 and 6.9.x before 6.9.1 P15, as well as RSA Via Lifecycle and Governance before 7.0.0 P04.

What type of attack can exploit CVE-2016-0918?

CVE-2016-0918 can be exploited by remote authenticated users to manipulate URLs and gain unauthorized access to User Detail Popup information.

Is network administrator intervention required for CVE-2016-0918?

Yes, network administrators must apply the necessary patches or upgrades to mitigate CVE-2016-0918 effectively.

Vulnerability/
CVE-2016-0918

medium

4.3

CWE

200

24/9/2016

5/8/2024

CVE-2016-0918: Infoleak

First published: Sat Sep 24 2016(Updated: )

EMC RSA Identity Management and Governance before 6.8.1 P25 and 6.9.x before 6.9.1 P15 and RSA Via Lifecycle and Governance before 7.0.0 P04 allow remote authenticated users to obtain User Detail Popup information via a modified URL.

Credit: security_alert@emc.com

Affected Software	Affected Version	How to fix
EMC RSA Identity Management and Governance	<=6.8.1
EMC RSA Identity Management and Governance	=6.9.0
EMC RSA Identity Management and Governance	=6.9.1
EMC RSA Identity Governance and Lifecycle	<=7.0.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-0918?
CVE-2016-0918 is rated as a medium severity vulnerability due to the potential disclosure of sensitive user information.
How do I fix CVE-2016-0918?
To remediate CVE-2016-0918, upgrade EMC RSA Identity Management and Governance to versions 6.8.1 P25 or 6.9.1 P15, or RSA Via Lifecycle and Governance to version 7.0.0 P04 or later.
What products are affected by CVE-2016-0918?
CVE-2016-0918 affects EMC RSA Identity Management and Governance versions prior to 6.8.1 P25 and 6.9.x before 6.9.1 P15, as well as RSA Via Lifecycle and Governance before 7.0.0 P04.
What type of attack can exploit CVE-2016-0918?
CVE-2016-0918 can be exploited by remote authenticated users to manipulate URLs and gain unauthorized access to User Detail Popup information.
Is network administrator intervention required for CVE-2016-0918?
Yes, network administrators must apply the necessary patches or upgrades to mitigate CVE-2016-0918 effectively.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/weakness
agent/author
agent/references
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/emc
canonical/emc rsa identity management and governance
version/emc rsa identity management and governance/6.8.1
version/emc rsa identity management and governance/6.9.0
version/emc rsa identity management and governance/6.9.1
canonical/emc rsa identity governance and lifecycle
version/emc rsa identity governance and lifecycle/7.0.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.