Vulnerabilities > EMC > RSA Identity Management AND Governance > High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-08	CVE-2018-1182	Improper Privilege Management vulnerability in multiple products An issue was discovered in EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels (hardware appliance and software bundle deployments only); RSA Via Lifecycle and Governance version 7.0, all patch levels (hardware appliance and software bundle deployments only); RSA Identity Management & Governance (RSA IMG) versions 6.9.0, 6.9.1, all patch levels (hardware appliance and software bundle deployments only). local low complexity emc rsa CWE-269	7.2
2015-05-01	CVE-2015-0532	Permissions, Privileges, and Access Controls vulnerability in EMC RSA Identity Management and Governance 6.9.0/6.9.1 EMC RSA Identity Management and Governance (IMG) 6.9 before P04 and 6.9.1 before P01 does not properly restrict password resets, which allows remote attackers to obtain access via crafted use of the reset process for an arbitrary valid account name, as demonstrated by a privileged account. network low complexity emc CWE-264	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.