Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contain a cross-site request forgery vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to send arbitrary requests to the vulnerable application to perform server operations with the privileges of the authenticated victim user.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Dell EMC RSA Archer 跨站请求伪造漏洞
Vulnerability Description
Dell EMC RSA Archer是美国戴尔(Dell)公司的一款企业IT治理和合规治理产品。该产品可以制定eGRC计划,用于管理企业风险、实现业务流程自动化等。 Dell EMC RSA Archer 6.7 P2 (6.7.0.2)之前版本中存在跨站请求伪造漏洞。远程攻击者可通过诱使用户向该受影响的应用程序发送任意请求利用该漏洞以用户权限执行服务器端操作。
CVSS Information
N/A
Vulnerability Type
N/A