SB2017070409 - Multiple vulnerabilities in RSA Archer eGRC

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017070409

SB2017070409 - Multiple vulnerabilities in RSA Archer eGRC

Published: July 4, 2017

Security Bulletin ID SB2017070409
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 20% Low 80%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 vulnerabilities.


1) Cross-site scripting (CVE-ID: CVE-2017-5001)

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear


The disclosed vulnerability allows a remote privileged attacker to perform cross-site scripting (XSS) attacks.

The vulnerability is caused by incorrect filtration of input data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim’s browser in security context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

2) Cross-site request forgery (CVE-ID: CVE-2017-4998)

CWE-ID: CWE-352 - Cross-Site Request Forgery (CSRF)

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote privileged attacker to perform CSRF attack.

The weakness exists due to insufficient checking of the sent requests. A remote attacker can create a specially crafted HTML page or URL, trick the victim into visiting it, gain access to the system and perform arbitrary actions.

3) Open redirect (CVE-ID: CVE-2017-5002)

CWE-ID: CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote unprivileged attacker to redirect website visitors to external websites.

The weakness exists due to incorrect validation of redirected URL. A remote attacker can create a specially crafted link and redirect the victim on potentially dangerous website.

Successful exploitation of the vulnerability may result in phishing attack.

4) Information disclosure (CVE-ID: CVE-2017-5000)

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote privileged attacker to obtain potentially sensitive information on the target system.

The weakness exists due to improper input validation. A remote attacker can send specially crafted data and gain access to potentially sensitive information from an error message.

Successful exploitation of the vulnerability results in information disclosure.


5) Security restrictions bypass (CVE-ID: CVE-2017-4999)

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote privileged attacker to bypass authorization.

The weakness exists due to an error in user-controlled key in Discussion Forum Messager. A remote attacker can send specially crafted data, bypass access control and obtain data from other user forum messages on the system.


Remediation

Install update from vendor's website.

References