What is the severity of CVE-2019-3763?

CVE-2019-3763 has a medium severity rating due to the potential exposure of sensitive information.

How do I fix CVE-2019-3763?

To fix CVE-2019-3763, upgrade to version 7.1.0 P08 or later of the affected products.

What type of vulnerability is CVE-2019-3763?

CVE-2019-3763 is classified as an information exposure vulnerability.

What can an attacker do with CVE-2019-3763?

An authenticated attacker could exploit CVE-2019-3763 to access Office 365 user passwords logged in plain text in a debug log file.

Vulnerability/
CVE-2019-3763

high

8.8

CWE

532

11/9/2019

16/9/2024

CVE-2019-3763

First published: Wed Sep 11 2019(Updated: )

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain an information exposure vulnerability. The Office 365 user password may get logged in a plain text format in the Office 365 connector debug log file. An authenticated malicious local user with access to the debug logs may obtain the exposed password to use in further attacks.

Credit: security_alert@emc.com

Affected Software	Affected Version	How to fix
EMC RSA Identity Governance and Lifecycle	=7.0.1
EMC RSA Identity Governance and Lifecycle	=7.0.1-p1
EMC RSA Identity Governance and Lifecycle	=7.0.1-p2_hotfix2
EMC RSA Identity Governance and Lifecycle	=7.0.1-p3
EMC RSA Identity Governance and Lifecycle	=7.0.1-p4
EMC RSA Identity Governance and Lifecycle	=7.0.1-p5
EMC RSA Identity Governance and Lifecycle	=7.0.1-p5_hotfix2
EMC RSA Identity Governance and Lifecycle	=7.0.2
EMC RSA Identity Governance and Lifecycle	=7.0.2-p1
EMC RSA Identity Governance and Lifecycle	=7.0.2-p10
EMC RSA Identity Governance and Lifecycle	=7.0.2-p11
EMC RSA Identity Governance and Lifecycle	=7.0.2-p12
EMC RSA Identity Governance and Lifecycle	=7.0.2-p13
EMC RSA Identity Governance and Lifecycle	=7.0.2-p14
EMC RSA Identity Governance and Lifecycle	=7.0.2-p2
EMC RSA Identity Governance and Lifecycle	=7.0.2-p3
EMC RSA Identity Governance and Lifecycle	=7.0.2-p4
EMC RSA Identity Governance and Lifecycle	=7.0.2-p5
EMC RSA Identity Governance and Lifecycle	=7.0.2-p6
EMC RSA Identity Governance and Lifecycle	=7.0.2-p7
EMC RSA Identity Governance and Lifecycle	=7.0.2-p8
EMC RSA Identity Governance and Lifecycle	=7.0.2-p9
EMC RSA Identity Governance and Lifecycle	=7.1.0
EMC RSA Identity Governance and Lifecycle	=7.1.0-p01
EMC RSA Identity Governance and Lifecycle	=7.1.0-p02
EMC RSA Identity Governance and Lifecycle	=7.1.0-p03
EMC RSA Identity Governance and Lifecycle	=7.1.0-p04
EMC RSA Identity Governance and Lifecycle	=7.1.0-p05
EMC RSA Identity Governance and Lifecycle	=7.1.0-p06
EMC RSA Identity Governance and Lifecycle	=7.1.0-p07
EMC RSA Identity Governance and Lifecycle	=7.1.1
EMC RSA Identity Governance and Lifecycle	=7.1.1-p1
EMC RSA Identity Governance and Lifecycle	=7.0.0
EMC RSA Identity Governance and Lifecycle	=7.0.0-p1
EMC RSA Identity Governance and Lifecycle	=7.0.0-p2
EMC RSA Identity Governance and Lifecycle	=7.0.0-p3
EMC RSA Identity Governance and Lifecycle	=7.0.0-p4
EMC RSA Identity Governance and Lifecycle	=7.0.0-p5

Never miss a vulnerability like this again

Reference Links

https://community.rsa.com/docs/DOC-106943

Frequently Asked Questions

What is the severity of CVE-2019-3763?
CVE-2019-3763 has a medium severity rating due to the potential exposure of sensitive information.
What products are affected by CVE-2019-3763?
CVE-2019-3763 affects multiple versions of the RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to version 7.1.0 P08.
How do I fix CVE-2019-3763?
To fix CVE-2019-3763, upgrade to version 7.1.0 P08 or later of the affected products.
What type of vulnerability is CVE-2019-3763?
CVE-2019-3763 is classified as an information exposure vulnerability.
What can an attacker do with CVE-2019-3763?
An authenticated attacker could exploit CVE-2019-3763 to access Office 365 user passwords logged in plain text in a debug log file.

agent/type
agent/severity
agent/references
agent/weakness
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/dell
canonical/emc rsa identity governance and lifecycle
version/emc rsa identity governance and lifecycle/7.0.1
version/emc rsa identity governance and lifecycle/7.0.1-p1
version/emc rsa identity governance and lifecycle/7.0.1-p2_hotfix2
version/emc rsa identity governance and lifecycle/7.0.1-p3
version/emc rsa identity governance and lifecycle/7.0.1-p4
version/emc rsa identity governance and lifecycle/7.0.1-p5
version/emc rsa identity governance and lifecycle/7.0.1-p5_hotfix2
version/emc rsa identity governance and lifecycle/7.0.2
version/emc rsa identity governance and lifecycle/7.0.2-p1
version/emc rsa identity governance and lifecycle/7.0.2-p10
version/emc rsa identity governance and lifecycle/7.0.2-p11
version/emc rsa identity governance and lifecycle/7.0.2-p12
version/emc rsa identity governance and lifecycle/7.0.2-p13
version/emc rsa identity governance and lifecycle/7.0.2-p14
version/emc rsa identity governance and lifecycle/7.0.2-p2
version/emc rsa identity governance and lifecycle/7.0.2-p3
version/emc rsa identity governance and lifecycle/7.0.2-p4
version/emc rsa identity governance and lifecycle/7.0.2-p5
version/emc rsa identity governance and lifecycle/7.0.2-p6
version/emc rsa identity governance and lifecycle/7.0.2-p7
version/emc rsa identity governance and lifecycle/7.0.2-p8
version/emc rsa identity governance and lifecycle/7.0.2-p9
version/emc rsa identity governance and lifecycle/7.1.0
version/emc rsa identity governance and lifecycle/7.1.0-p01
version/emc rsa identity governance and lifecycle/7.1.0-p02
version/emc rsa identity governance and lifecycle/7.1.0-p03
version/emc rsa identity governance and lifecycle/7.1.0-p04
version/emc rsa identity governance and lifecycle/7.1.0-p05
version/emc rsa identity governance and lifecycle/7.1.0-p06
version/emc rsa identity governance and lifecycle/7.1.0-p07
version/emc rsa identity governance and lifecycle/7.1.1
version/emc rsa identity governance and lifecycle/7.1.1-p1
version/emc rsa identity governance and lifecycle/7.0.0
version/emc rsa identity governance and lifecycle/7.0.0-p1
version/emc rsa identity governance and lifecycle/7.0.0-p2
version/emc rsa identity governance and lifecycle/7.0.0-p3
version/emc rsa identity governance and lifecycle/7.0.0-p4
version/emc rsa identity governance and lifecycle/7.0.0-p5

CVE-2019-3763

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2019-3763?

What products are affected by CVE-2019-3763?

How do I fix CVE-2019-3763?

What type of vulnerability is CVE-2019-3763?

What can an attacker do with CVE-2019-3763?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2019-3763?

What products are affected by CVE-2019-3763?

How do I fix CVE-2019-3763?

What type of vulnerability is CVE-2019-3763?

What can an attacker do with CVE-2019-3763?