关于 CVE-2015-0532 的漏洞信息

1. 漏洞描述
From NVD
EMC RSA Identity Management and Governance (IMG) 6.9 before P04 and 6.9.1 before P01 does not properly restrict password resets, which allows remote attackers to obtain access via crafted use of the reset process for an arbitrary valid account name, as demonstrated by a privileged account.
From 神龙GPT (AIGC)
EMC RSA身份管理和治理(IMG)在P04之前,以及在P01之前,第6.9和6.9.1节并未适当地限制密码重置。这允许远程攻击者通过为任意有效用户名编写重置过程的使用来获得访问,正如特权帐户所示。
2. 漏洞评分(CVSS)
From NVD
NVD 暂无评分
From 神龙GPT (AIGC)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
3. 漏洞类别
From NVD
NVD 暂无漏洞类别信息
From 神龙GPT (AIGC)
神龙GPT 暂无漏洞类别信息(请耐心等待)
Reference