← back
CVE-2018-11049

RSA Identity Governance and Lifecycle Uncontrolled Search Path Vulnerability

EPSS 0.4%
RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontrolled search vulnerability. The installation scripts set an environment variable in an unintended manner. A local authenticated malicious user could trick the root user to run malicious code on the targeted system.
Affected products
Pivotal · Pivotal Operations Manager

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/fulldisclosure/2018/Jul/23http://www.securityfocus.com/bid/104722http://www.securitytracker.com/id/1041228