EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is potentially affected by a cross-site request forgery vulnerability. A remote low privileged attacker may potentially exploit the vulnerability to execute unauthorized requests on behalf of the victim, using the authenticated user's privileges.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2017/Jun/49 | Mailing List Third Party Advisory |
http://www.securitytracker.com/id/1038815 | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/99354 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Information
Published : 2017-07-06 17:29
Updated : 2017-07-17 11:06
NVD link : CVE-2017-4998
Mitre link : CVE-2017-4998
JSON object : View
CWE
CWE-352
Cross-Site Request Forgery (CSRF)
Products Affected
emc
- rsa_archer_egrc