CVE-2014-0641

EUVD-2014-0672
Cross-site request forgery (CSRF) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to hijack the authentication of arbitrary users.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
Affected Products (NVD)
VendorProductVersion
emcrsa_archer_egrc
5.3
emcrsa_archer_egrc
5.4
emcrsa_archer_egrc
5.4:sp1
emcrsa_archer_egrc
5.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2014-08/0097.html
http://www.securityfocus.com/bid/69289
http://www.securitytracker.com/id/1030738
https://exchange.xforce.ibmcloud.com/vulnerabilities/95361
http://archives.neohapsis.com/archives/bugtraq/2014-08/0097.html
http://www.securityfocus.com/bid/69289
http://www.securitytracker.com/id/1030738
https://exchange.xforce.ibmcloud.com/vulnerabilities/95361