Unrated severityNVD Advisory· Published Sep 11, 2019· Updated Sep 17, 2024
CVE-2019-3759
CVE-2019-3759
Description
The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a code injection vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to run custom Groovy scripts to gain limited access to view or modify information on the Workflow system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <7.1.0 P08
- Dell/RSA Identity Governance and Lifecyclev5Range: unspecified
- Dell/RSA Via Lifecycle and Governancev5Range: 7.0
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/158324/RSA-IG-L-Aveksa-7.1.1-Remote-Code-Execution.htmlmitrex_refsource_MISC
- community.rsa.com/docs/DOC-106943mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.