CVE-2020-5331: Infoleak
First published: Fri Feb 28 2020(Updated: )
RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information exposure vulnerability. Users’ session information could potentially be stored in cache or log files. An authenticated malicious local user with access to the log files may obtain the exposed information to use it in further attacks.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| RSA Archer | <6.7.0.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-5331?
The severity of CVE-2020-5331 is high with a CVSS score of 5.5.
What is CVE-2020-5331?
CVE-2020-5331 is an information exposure vulnerability in RSA Archer versions prior to 6.7 P3 (6.7.0.3).
How can an attacker exploit CVE-2020-5331?
An authenticated malicious local user with access to the log files can exploit CVE-2020-5331 to obtain exposed session information.
What is the affected software for CVE-2020-5331?
RSA Archer versions prior to 6.7 P3 (6.7.0.3) are affected by CVE-2020-5331.
Is there a security update available for CVE-2020-5331?
Yes, a security update is available for CVE-2020-5331. Please refer to the reference link for more information.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/rsa
- canonical/rsa archer