← volver
CVE-2020-5334

CVE-2020-5334

CVSS 8.2 HIGHEPSS 0.9%CWE-79
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 8.2EPSS 0.9%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
04 may 2020Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contains a Document Object Model (DOM) based cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to DOM environment in the browser. The malicious code is then executed by the web browser in the context of the vulnerable web application.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
Productos afectados
Dell · RSA Archer

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.dell.com/support/security/en-us/details/DOC-111112/DSA-2020-049-RSA-Archer-Security-Update-for-Multiple-Vulnerabilities