Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-5337

RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links. The vulnerability could be used to conduct phishing attacks that cause users to unknowingly visit malicious sites.

Published

2020-05-04T19:15:13.657

Last Modified

2024-11-21T05:33:56.337

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.6 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: NONE
Exploitability Score

8.6

Impact Score

4.9

Weaknesses
  • Type: Secondary
    CWE-601
  • Type: Primary
    CWE-601
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application rsa archer < 6.7.0.1 Yes
References