Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Information Exposure Vulnerability
Vulnerability Description
RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users' session information is logged in plain text in the RSA Archer log files. An authenticated malicious local user with access to the log files may obtain the exposed information to use it in further attacks.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dell EMC RSA Archer 信息泄露漏洞
Vulnerability Description
Dell EMC RSA Archer是美国戴尔(Dell)公司的一款企业IT治理和合规治理产品。该产品可以制定eGRC计划,用于管理企业风险、实现业务流程自动化等。 Dell EMC RSA Archer 6.5 SP1之前版本中存在信息泄露漏洞,该漏洞源于程序将用户会话信息以明文的形式记录在RSA Archer日志文件中。本地攻击者可利用该漏洞获取信息。
CVSS Information
N/A
Vulnerability Type
N/A