6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
53.2%
The version of EMC RSA Archer running on the remote web server is prior to 6.7.0.3 (6.7 P3) or 6.6 P6 (6.6.0.6). It is, therefore, affected by multiple vulnerabilities:
RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contain a Document Object Model (DOM) based cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to DOM environment in the browser. The malicious code is then executed by the web browser in the context of the vulnerable web application (CVE-2020-5334).
RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contain a cross-site request forgery vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to send arbitrary requests to the vulnerable application to perform server operations with the privileges of the authenticated victim user (CVE-2020-5335).
#
# (C) Tenable Network Security, Inc.
#
include('compat.inc');
if (description)
{
script_id(139750);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/05/28");
script_cve_id("CVE-2020-5334", "CVE-2020-5335");
script_xref(name:"IAVA", value:"2020-A-0187-S");
script_name(english:"EMC RSA Archer < 6.5.0.7, < 6.6.0.6 and < 6.7.0.2 Multiple Vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"An application running on the remote host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of EMC RSA Archer running on the remote web server is prior to 6.7.0.3 (6.7 P3) or 6.6 P6 (6.6.0.6). It is,
therefore, affected by multiple vulnerabilities:
- RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contain a Document Object Model (DOM) based cross-site
scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking
a victim application user to supply malicious HTML or JavaScript code to DOM environment in the browser. The
malicious code is then executed by the web browser in the context of the vulnerable web application (CVE-2020-5334).
- RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contain a cross-site request forgery vulnerability. A remote
unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user
to send arbitrary requests to the vulnerable application to perform server operations with the privileges of
the authenticated victim user (CVE-2020-5335).");
# https://www.dell.com/support/security/en-ie/details/DOC-111112/DSA-2020-049-RSA-Archer-Security-Update-for-Multiple-Vulnerabilities
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9524eeb5");
script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-5335");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/27");
script_set_attribute(attribute:"patch_publication_date", value:"2020/02/27");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/08/21");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:emc:rsa_archer_egrc");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("emc_rsa_archer_detect.nbin");
script_require_ports("Services/www", 80, 443);
exit(0);
}
include('http.inc');
include('vcf.inc');
app_name = 'EMC RSA Archer';
port = get_http_port(default:80);
app_info = vcf::get_app_info(app:app_name, webapp:TRUE, port:port);
constraints = [
{'min_version' : '6.5.0', 'fixed_version' : '6.5.0.7', 'fixed_display' : '6.5 P7 (6.5.0.7)'},
{'min_version' : '6.6.0', 'fixed_version' : '6.6.0.6', 'fixed_display' : '6.6 P6 (6.6.0.6)'},
{'min_version' : '6.7.0', 'fixed_version' : '6.7.0.2', 'fixed_display' : '6.7 P2 (6.7.0.2)'}
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
Vendor | Product | Version | CPE |
---|---|---|---|
emc | rsa_archer_egrc | cpe:/a:emc:rsa_archer_egrc |
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
53.2%