CVE-2018-1220

EUVD-2018-11854
EMC RSA Archer, versions prior to 6.2.0.8, contains a redirect vulnerability in the QuickLinks feature. A remote attacker may potentially exploit this vulnerability to redirect genuine users to phishing websites with the intent of obtaining sensitive information from the users.
Open Redirect
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.1 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
Affected Products (NVD)
VendorProductVersion
emcrsa_archer
𝑥
< 6.2.0.8
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://seclists.org/fulldisclosure/2018/Mar/12
http://www.securityfocus.com/bid/103319
http://www.securitytracker.com/id/1040457
http://seclists.org/fulldisclosure/2018/Mar/12
http://www.securityfocus.com/bid/103319
http://www.securitytracker.com/id/1040457