RSA Identity Governance and Lifecycle is affected by an information disclosure vulnerability that potentially could be exploited by a malicious user to read certain details of other users in the system. RSA Identity Management and Governance versions prior to 6.8.1 P25 and 6.9.1 P15 are affected. Also affected are RSA Via Lifecycle and Governance versions prior to 7.0.0 P04.