High severity7.3NVD Advisory· Published Jul 11, 2018· Updated Jun 17, 2026
CVE-2018-11049
CVE-2018-11049
Description
RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontrolled search vulnerability. The installation scripts set an environment variable in an unintended manner. A local authenticated malicious user could trick the root user to run malicious code on the targeted system.
Affected products
3- Range: RSA(r) Identity Governance and Lifecycle version 7.1.0, all patch levels (Hardware Appliance, Software Bundle, and Virtual Application deployments only)
Patches
Vulnerability mechanics
References
3- seclists.org/fulldisclosure/2018/Jul/23nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/104722nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1041228nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.