What products are affected by CVE-2017-5004?

CVE-2017-5004 affects EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, RSA Via Lifecycle and Governance version 7.0, and RSA Identity Management and Governance version 6.9.1.

What type of vulnerability is CVE-2017-5004?

CVE-2017-5004 is classified as a Stored Cross Site Scripting vulnerability.

What are the potential impacts of CVE-2017-5004?

The potential impacts of CVE-2017-5004 include unauthorized access and data leakage due to exploit of the stored XSS.

How can I mitigate CVE-2017-5004?

To mitigate CVE-2017-5004, users should apply the latest patches or updates provided by EMC for the affected products.

Is CVE-2017-5004 still a risk for organizations using the affected software?

Yes, organizations using the affected versions of the software remain at risk for CVE-2017-5004 unless they implement the necessary patches.

Vulnerability/
CVE-2017-5004

medium

5.4

CWE

9/6/2017

5/8/2024

CVE-2017-5004: XSS

First published: Fri Jun 09 2017(Updated: )

EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) version 6.9.1 (all patch levels) have Stored Cross Site Scripting vulnerabilities that could potentially be exploited by malicious users to compromise an affected system.

Credit: security_alert@emc.com

Affected Software	Affected Version	How to fix
EMC RSA Identity Management and Governance	=7.0.1
EMC RSA Identity Management and Governance	=7.0.2
EMC RSA Identity Management and Governance	=6.9.1
Dell RSA Identity Governance and Lifecycle	=7.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What products are affected by CVE-2017-5004?
CVE-2017-5004 affects EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, RSA Via Lifecycle and Governance version 7.0, and RSA Identity Management and Governance version 6.9.1.
What type of vulnerability is CVE-2017-5004?
CVE-2017-5004 is classified as a Stored Cross Site Scripting vulnerability.
What are the potential impacts of CVE-2017-5004?
The potential impacts of CVE-2017-5004 include unauthorized access and data leakage due to exploit of the stored XSS.
How can I mitigate CVE-2017-5004?
To mitigate CVE-2017-5004, users should apply the latest patches or updates provided by EMC for the affected products.
Is CVE-2017-5004 still a risk for organizations using the affected software?
Yes, organizations using the affected versions of the software remain at risk for CVE-2017-5004 unless they implement the necessary patches.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
agent/severity
agent/author
agent/description
agent/event
agent/first-publish-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/emc
canonical/emc rsa identity management and governance
version/emc rsa identity management and governance/7.0.1
version/emc rsa identity management and governance/7.0.2
version/emc rsa identity management and governance/6.9.1
vendor/rsa
canonical/dell rsa identity governance and lifecycle
version/dell rsa identity governance and lifecycle/7.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.