A vulnerability was reported in RSA enVision
Version(s): 4.0 prior to 4.0 SP4 P5, 4.1 prior to 4.1 P3
A remote user can view potentially sensitive data on the target system.
The security issue is caused due to the application disclosing certain environment variables containing web system setup information via the web interface. Further information about this resolution and other fixes can be found in the Release Notes associated with RSA enVision 4.1, Patch 3 and enVision V4.0 Service Pack 4 Patch 5.
Exposure of sensitive information
Update to version 4.1 Patch 3 or 4.0 Service Pack 4 Patch.