Vulnerability-Lookup

CNVD-2018-04513

Vulnerability from cnvd - Published: 2018-03-07

Title

EMC RSA Archer GRC Platform URL重定向漏洞

Description

EMC RSA Archer GRC Platform是美国易安信（EMC）公司的一款企业IT治理和合规治理产品。该产品可以制定eGRC计划，用于管理企业风险、实现业务流程自动化等。 EMC RSA Archer GRC Platform 6.2.0.8及之前版本中QuickLinks功能存在URL重定向漏洞，攻击者利用该漏洞将用户重定向到任意Web站点，实施钓鱼攻击，获取敏感信息。

Severity

高

Patch Name

EMC RSA Archer GRC Platform URL重定向漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： http://www.emc.com/

Reference

http://seclists.org/fulldisclosure/2018/Mar/12

Impacted products

Name
EMC RSA Archer GRC <=6.2.0.8

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-1220"
    }
  },
  "description": "EMC RSA Archer GRC Platform\u662f\u7f8e\u56fd\u6613\u5b89\u4fe1\uff08EMC\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u4f01\u4e1aIT\u6cbb\u7406\u548c\u5408\u89c4\u6cbb\u7406\u4ea7\u54c1\u3002\u8be5\u4ea7\u54c1\u53ef\u4ee5\u5236\u5b9aeGRC\u8ba1\u5212\uff0c\u7528\u4e8e\u7ba1\u7406\u4f01\u4e1a\u98ce\u9669\u3001\u5b9e\u73b0\u4e1a\u52a1\u6d41\u7a0b\u81ea\u52a8\u5316\u7b49\u3002\r\n\r\nEMC RSA Archer GRC Platform 6.2.0.8\u53ca\u4e4b\u524d\u7248\u672c\u4e2dQuickLinks\u529f\u80fd\u5b58\u5728URL\u91cd\u5b9a\u5411\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u7528\u6237\u91cd\u5b9a\u5411\u5230\u4efb\u610fWeb\u7ad9\u70b9\uff0c\u5b9e\u65bd\u9493\u9c7c\u653b\u51fb\uff0c\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "Erlend Leiknes, Security Consultant with Mnemonic AS",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttp://www.emc.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-04513",
  "openTime": "2018-03-07",
  "patchDescription": "EMC RSA Archer GRC Platform\u662f\u7f8e\u56fd\u6613\u5b89\u4fe1\uff08EMC\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u4f01\u4e1aIT\u6cbb\u7406\u548c\u5408\u89c4\u6cbb\u7406\u4ea7\u54c1\u3002\u8be5\u4ea7\u54c1\u53ef\u4ee5\u5236\u5b9aeGRC\u8ba1\u5212\uff0c\u7528\u4e8e\u7ba1\u7406\u4f01\u4e1a\u98ce\u9669\u3001\u5b9e\u73b0\u4e1a\u52a1\u6d41\u7a0b\u81ea\u52a8\u5316\u7b49\u3002\r\n\r\nEMC RSA Archer GRC Platform 6.2.0.8\u53ca\u4e4b\u524d\u7248\u672c\u4e2dQuickLinks\u529f\u80fd\u5b58\u5728URL\u91cd\u5b9a\u5411\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u7528\u6237\u91cd\u5b9a\u5411\u5230\u4efb\u610fWeb\u7ad9\u70b9\uff0c\u5b9e\u65bd\u9493\u9c7c\u653b\u51fb\uff0c\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "EMC RSA Archer GRC Platform URL\u91cd\u5b9a\u5411\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "EMC RSA Archer GRC \u003c=6.2.0.8"
  },
  "referenceLink": "http://seclists.org/fulldisclosure/2018/Mar/12",
  "serverity": "\u9ad8",
  "submitTime": "2018-03-07",
  "title": "EMC RSA Archer GRC Platform URL\u91cd\u5b9a\u5411\u6f0f\u6d1e"
}

CVE-2018-1220 (GCVE-0-2018-1220)

Vulnerability from cvelistv5 – Published: 2018-03-08 15:00 – Updated: 2024-08-05 03:51

Summary

EMC RSA Archer, versions prior to 6.2.0.8, contains a redirect vulnerability in the QuickLinks feature. A remote attacker may potentially exploit this vulnerability to redirect genuine users to phishing websites with the intent of obtaining sensitive information from the users.

Severity

No CVSS data available.

CWE

URL Redirection to Untrusted Site

Assigner

dell

References

3 references

URL	Tags
http://seclists.org/fulldisclosure/2018/Mar/12	x_refsource_CONFIRM
http://www.securityfocus.com/bid/103319	vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1040457	vdb-entryx_refsource_SECTRACK

Impacted products

1 product

Vendor	Product	Version
n/a	EMC RSA Archer GRC Platform RSA Archer versions prior to 6.2.0.8	Affected: EMC RSA Archer GRC Platform RSA Archer versions prior to 6.2.0.8

Date Public

2018-03-08 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:51:48.903Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2018/Mar/12"
          },
          {
            "name": "103319",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103319"
          },
          {
            "name": "1040457",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040457"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "EMC RSA Archer GRC Platform RSA Archer versions prior to 6.2.0.8",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "EMC RSA Archer GRC Platform RSA Archer versions prior to 6.2.0.8"
            }
          ]
        }
      ],
      "datePublic": "2018-03-08T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "EMC RSA Archer, versions prior to 6.2.0.8, contains a redirect vulnerability in the QuickLinks feature. A remote attacker may potentially exploit this vulnerability to redirect genuine users to phishing websites with the intent of obtaining sensitive information from the users."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "URL Redirection to Untrusted Site",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-09T10:57:01.000Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://seclists.org/fulldisclosure/2018/Mar/12"
        },
        {
          "name": "103319",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103319"
        },
        {
          "name": "1040457",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040457"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security_alert@emc.com",
          "ID": "CVE-2018-1220",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "EMC RSA Archer GRC Platform RSA Archer versions prior to 6.2.0.8",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "EMC RSA Archer GRC Platform RSA Archer versions prior to 6.2.0.8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "EMC RSA Archer, versions prior to 6.2.0.8, contains a redirect vulnerability in the QuickLinks feature. A remote attacker may potentially exploit this vulnerability to redirect genuine users to phishing websites with the intent of obtaining sensitive information from the users."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "URL Redirection to Untrusted Site"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://seclists.org/fulldisclosure/2018/Mar/12",
              "refsource": "CONFIRM",
              "url": "http://seclists.org/fulldisclosure/2018/Mar/12"
            },
            {
              "name": "103319",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103319"
            },
            {
              "name": "1040457",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040457"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2018-1220",
    "datePublished": "2018-03-08T15:00:00.000Z",
    "dateReserved": "2017-12-06T00:00:00.000Z",
    "dateUpdated": "2024-08-05T03:51:48.903Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-04513

CVE-2018-1220 (GCVE-0-2018-1220)

Tags

Sightings

Nomenclature