CVE-2020-5334

8.2HIGH

Key Information:

Vendor: Dell
Status: Rsa Archer
Vendor: CVE Published:; 4 May 2020

Summary

RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contains a Document Object Model (DOM) based cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to DOM environment in the browser. The malicious code is then executed by the web browser in the context of the vulnerable web application.

Affected Version(s)

RSA Archer < 6.7 P2

References

https://www.dell.com/support/security/en-us/details/DOC-1...

x_refsource_MISC

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
May 4, 2020
Vulnerability Reserved
Jan 3, 2020