EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an authorization bypass through user-controlled key vulnerability in Discussion Forum Messages. A remote low privileged attacker may potentially exploit this vulnerability to elevate their privileges and view other users' discussion forum messages.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2017/Jun/49 | Mailing List Third Party Advisory |
http://www.securitytracker.com/id/1038815 | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/99354 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Information
Published : 2017-07-06 17:29
Updated : 2017-07-11 06:54
NVD link : CVE-2017-4999
Mitre link : CVE-2017-4999
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
emc
- rsa_archer_egrc