CVE-2018-1219

Summary

EMC RSA Archer, versions prior to 6.2.0.8, contains an improper access control vulnerability on an API which is used to enumerate user information. A remote authenticated malicious user can potentially exploit this vulnerability to gather information about the user base and may use this information in subsequent attacks.

Affected Software

VendorProductVersion RangeStatus
n/aEMC RSA Archer GRC Platform RSA Archer versions prior to 6.2.0.8EMC RSA Archer GRC Platform RSA Archer versions prior to 6.2.0.8affected

Weaknesses

  • Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

References