Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The WorkPoint component, which is embedded in all RSA Archer, versions 6.1.x, 6.2.x, 6.3.x prior to 6.3.0.7 and 6.4.x prior to 6.4.0.1, contains a SQL injection vulnerability. A malicious user could potentially exploit this vulnerability to execute SQL commands on the back-end database to read certain data. Embedded WorkPoint is upgraded to version 4.10.16, which contains a fix for the vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dell EMC RSA Archer WorkPoint组件SQL注入漏洞
Vulnerability Description
Dell EMC RSA Archer是美国戴尔(Dell)公司的一款企业IT治理和合规治理产品。该产品可以制定eGRC计划,用于管理企业风险、实现业务流程自动化等。WorkPoint是其中的一个劳动计酬组件。 Dell EMC RSA Archer中的WorkPoint组件存在SQL注入漏洞,该漏洞源于在使用SQL语句之前,程序没有正确的过滤用户提交的输入。远程攻击者可利用该漏洞在后端数据库上执行SQL命令,读取数据。以下版本受到影响:Dell EMC RSA Archer 6.1.x版本,6.2.x版
CVSS Information
N/A
Vulnerability Type
N/A