RSA Update
3461Warning Date
Severity Level
Warning Number
Target Sector
10 September, 2019
● High
2019-421
All
Description:
RSA has released security update to address multiple vulnerabilities in the following products:
- RSA Identity Governance and Lifecycle software version 7.1.0, prior to P08
- RSA Identity Governance and Lifecycle software version 7.1.1, prior to P02
- RSA Identity Governance and Lifecycle software version 7.0.2, all patch levels
- RSA Identity Governance and Lifecycle software version 7.0.1, all patch levels
- RSA Via Lifecycle and Governance software version 7.0, all patch levels
Threats:
The vulnerabilities cause the following:
- Cross-site scripting (XSS) attack.
- Execute SQL commands .
- Remote code injection.
Best practice and Recommendations:
The CERT team encourages users to review RSA security advisory and apply the necessary updates: