{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T08:45:01.907","vulnerabilities":[{"cve":{"id":"CVE-2019-18572","sourceIdentifier":"security_alert@emc.com","published":"2019-12-18T21:15:12.943","lastModified":"2024-11-21T04:33:19.300","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain an Improper Authentication vulnerability. A Java JMX agent running on the remote host is configured with plain text password authentication. An unauthenticated remote attacker can connect to the JMX agent and monitor and manage the Java application."},{"lang":"es","value":"Los productos RSA Identity Governance and Lifecycle y RSA Via Lifecycle and Governance versiones anteriores a 7.1.1 P03, contienen una vulnerabilidad de Autenticación Inapropiada. Un agente Java JMX que se ejecuta en el host remoto está configurado con autenticación de contraseña de texto plano. Un atacante remoto no autenticado puede conectarse al agente JMX y monitorear y administrar la aplicación Java."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV30":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":5.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0:*:*:*:*:*:*:*","matchCriteriaId":"54F243EB-5F06-4728-8815-93BDB5502F74"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.1:*:*:*:*:*:*:*","matchCriteriaId":"DD518D4A-157A-42D8-B958-8C4661CE6224"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:*:*:*:*:*:*:*","matchCriteriaId":"E2715882-4E9F-4E4C-A648-30B5D8B36C63"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:-:*:*:*:*:*:*","matchCriteriaId":"BC3F7997-46CC-4345-981A-4CA38A73BA8C"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p01:*:*:*:*:*:*","matchCriteriaId":"DD36DED8-5591-4A76-AD40-7DAED6EF1954"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p02:*:*:*:*:*:*","matchCriteriaId":"6CF203FD-8A59-4237-820A-FDBE4F28E4B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p03:*:*:*:*:*:*","matchCriteriaId":"08FC40D4-433A-4EDE-87B1-422D0473D6D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p04:*:*:*:*:*:*","matchCriteriaId":"5CF1C39E-D12B-44E4-8172-CD91F17E871B"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p05:*:*:*:*:*:*","matchCriteriaId":"31DCF79D-E1EA-4F65-B355-C821B0D78E73"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p06:*:*:*:*:*:*","matchCriteriaId":"82CFC850-4C98-42B5-AE77-592FD64E78E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p07:*:*:*:*:*:*","matchCriteriaId":"9DE35E51-0C69-41A8-9332-A9E411CE0B92"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p08:*:*:*:*:*:*","matchCriteriaId":"A8989E78-229D-47B1-A60F-50394D8DF244"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.1:-:*:*:*:*:*:*","matchCriteriaId":"6E9E1900-FE59-440A-87D6-35DE7233EAB3"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.1:p01:*:*:*:*:*:*","matchCriteriaId":"15371ECD-CACD-4E1F-854B-D5EA6D1BBC54"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.1:p02:*:*:*:*:*:*","matchCriteriaId":"ACD868A6-05CC-4BCF-BC53-EA4418DE5F45"}]}]}],"references":[{"url":"https://community.rsa.com/docs/DOC-109310","source":"security_alert@emc.com","tags":["Vendor Advisory"]},{"url":"https://community.rsa.com/docs/DOC-109310","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}