RSA Archer GRC CVE-2014-0641 Unspecified Cross Site Request Forgery Vulnerability
BID:69289
Info
RSA Archer GRC CVE-2014-0641 Unspecified Cross Site Request Forgery Vulnerability
| Bugtraq ID: | 69289 |
| Class: | Design Error |
| CVE: |
CVE-2014-0641 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 19 2014 12:00AM |
| Updated: | Aug 22 2014 10:34AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
RSA Archer GRC CVE-2014-0641 Unspecified Cross Site Request Forgery Vulnerability
RSA Archer GRC is prone to an unspecified cross-site request-forgery vulnerability.
An attacker may leverage this issue to perform certain actions in the context of an authorized user's session and gain unauthorized access to the affected application; other attacks are also possible.
Versions prior to RSA Archer GRC 5.5 SP1 are vulnerable.
RSA Archer GRC is prone to an unspecified cross-site request-forgery vulnerability.
An attacker may leverage this issue to perform certain actions in the context of an authorized user's session and gain unauthorized access to the affected application; other attacks are also possible.
Versions prior to RSA Archer GRC 5.5 SP1 are vulnerable.
Exploit / POC
RSA Archer GRC CVE-2014-0641 Unspecified Cross Site Request Forgery Vulnerability
To exploit this issue an attacker must entice an unsuspecting victim into visiting a malicious webpage.
To exploit this issue an attacker must entice an unsuspecting victim into visiting a malicious webpage.
Solution / Fix
RSA Archer GRC CVE-2014-0641 Unspecified Cross Site Request Forgery Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
RSA Archer GRC CVE-2014-0641 Unspecified Cross Site Request Forgery Vulnerability
References:
References: