First published: Mon May 04 2020
RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL injection vulnerability. An unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user into executing malicious JavaScript code on the affected system.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
RSA Archer | <6.7.0.1 | Update to 6.7 P1 (6.7.0.1) or later |
CVE-2020-5336 is a URL injection vulnerability in RSA Archer versions prior to 6.7 P1 (6.7.0.1).
An unauthenticated attacker could exploit CVE-2020-5336 by tricking a victim application user into executing malicious JavaScript code on the affected system.
CVE-2020-5336 has a severity rating of medium (6.1).
Updating RSA Archer to version 6.7 P1 (6.7.0.1) or later will fix CVE-2020-5336.
You can find more information about CVE-2020-5336 at the following reference: [RSA Archer Security Update for Multiple Vulnerabilities](https://www.dell.com/support/security/en-us/details/DOC-111112/DSA-2020-049-RSA-Archer-Security-Update-for-Multiple-Vulnerabilities).