Vulnerability-Lookup

CNVD-2018-13653

Vulnerability from cnvd - Published: 2018-07-23

Title

RSA Archer跨站脚本漏洞

Description

RSA Archer是一款企业IT治理和合规治理产品。 RSA Archer存在跨站脚本漏洞, 远程认证恶意Archer用户可利用此漏洞将恶意HTML或JavaScript代码存储在可信应用数据存储。当应用程序用户通过浏览器访问破坏的数据存储时，恶意代码在易受攻击的Web应用程序的上下文中由Web浏览器执行。

Severity

高

Patch Name

RSA Archer跨站脚本漏洞的补丁

Patch Description

Formal description

用户可联系供应商获得补丁信息： http://www.emc.com/products/security/product-security-response-center.htm

Reference

http://seclists.org/fulldisclosure/2018/Jul/69

Impacted products

Name
['Dell EMC RSA Archer 6.1.', 'Dell EMC RSA Archer 6.2.', 'Dell EMC RSA Archer 6.3.*', 'Dell EMC RSA Archer 6.4']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-11059"
    }
  },
  "description": "RSA Archer\u662f\u4e00\u6b3e\u4f01\u4e1aIT\u6cbb\u7406\u548c\u5408\u89c4\u6cbb\u7406\u4ea7\u54c1\u3002\r\n\r\nRSA Archer\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e, \u8fdc\u7a0b\u8ba4\u8bc1\u6076\u610fArcher\u7528\u6237\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u5c06\u6076\u610fHTML\u6216JavaScript\u4ee3\u7801\u5b58\u50a8\u5728\u53ef\u4fe1\u5e94\u7528\u6570\u636e\u5b58\u50a8\u3002\u5f53\u5e94\u7528\u7a0b\u5e8f\u7528\u6237\u901a\u8fc7\u6d4f\u89c8\u5668\u8bbf\u95ee\u7834\u574f\u7684\u6570\u636e\u5b58\u50a8\u65f6\uff0c\u6076\u610f\u4ee3\u7801\u5728\u6613\u53d7\u653b\u51fb\u7684Web\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u7531Web\u6d4f\u89c8\u5668\u6267\u884c\u3002",
  "discovererName": "Francesca Perrone and Donato Onofri of Business Integration Partners",
  "formalWay": "\u7528\u6237\u53ef\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://www.emc.com/products/security/product-security-response-center.htm",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-13653",
  "openTime": "2018-07-23",
  "patchDescription": "RSA Archer\u662f\u4e00\u6b3e\u4f01\u4e1aIT\u6cbb\u7406\u548c\u5408\u89c4\u6cbb\u7406\u4ea7\u54c1\u3002\r\n\r\nRSA Archer\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e, \u8fdc\u7a0b\u8ba4\u8bc1\u6076\u610fArcher\u7528\u6237\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u5c06\u6076\u610fHTML\u6216JavaScript\u4ee3\u7801\u5b58\u50a8\u5728\u53ef\u4fe1\u5e94\u7528\u6570\u636e\u5b58\u50a8\u3002\u5f53\u5e94\u7528\u7a0b\u5e8f\u7528\u6237\u901a\u8fc7\u6d4f\u89c8\u5668\u8bbf\u95ee\u7834\u574f\u7684\u6570\u636e\u5b58\u50a8\u65f6\uff0c\u6076\u610f\u4ee3\u7801\u5728\u6613\u53d7\u653b\u51fb\u7684Web\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u7531Web\u6d4f\u89c8\u5668\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "RSA Archer\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Dell EMC RSA Archer 6.1.*",
      "Dell EMC RSA Archer 6.2.*",
      "Dell EMC RSA Archer 6.3.*",
      "Dell EMC RSA Archer 6.4"
    ]
  },
  "referenceLink": "http://seclists.org/fulldisclosure/2018/Jul/69",
  "serverity": "\u9ad8",
  "submitTime": "2018-07-23",
  "title": "RSA Archer\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e"
}

CVE-2018-11059 (GCVE-0-2018-11059)

Vulnerability from cvelistv5 – Published: 2018-07-24 19:00 – Updated: 2024-09-16 19:14

Summary

RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When application users access the corrupted data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application.

Severity

8.2 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L

CWE

Stored Cross-Site Scripting Vulnerability

Assigner

dell

References

3 references

URL	Tags
http://www.securityfocus.com/bid/104892	vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1041359	vdb-entryx_refsource_SECTRACK
http://seclists.org/fulldisclosure/2018/Jul/69	mailing-listx_refsource_FULLDISC

Impacted products

1 product

Vendor	Product	Version
Dell EMC	RSA Archer	Affected: next of 6.4.0.1 , < unspecified (custom)

Date Public

2018-06-18 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:54:36.636Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "104892",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104892"
          },
          {
            "name": "1041359",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041359"
          },
          {
            "name": "20180718 DSA-2018-130: RSA Archer Multiple Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2018/Jul/69"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "RSA Archer",
          "vendor": "Dell EMC",
          "versions": [
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "next of 6.4.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2018-06-18T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When application users access the corrupted data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Stored Cross-Site Scripting Vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-27T09:57:01.000Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "name": "104892",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104892"
        },
        {
          "name": "1041359",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041359"
        },
        {
          "name": "20180718 DSA-2018-130: RSA Archer Multiple Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2018/Jul/69"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security_alert@emc.com",
          "DATE_PUBLIC": "2018-06-18T04:00:00.000Z",
          "ID": "CVE-2018-11059",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "RSA Archer",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003e",
                            "version_affected": "\u003e",
                            "version_value": "6.4.0.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Dell EMC"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When application users access the corrupted data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Stored Cross-Site Scripting Vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "104892",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104892"
            },
            {
              "name": "1041359",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041359"
            },
            {
              "name": "20180718 DSA-2018-130: RSA Archer Multiple Vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2018/Jul/69"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2018-11059",
    "datePublished": "2018-07-24T19:00:00.000Z",
    "dateReserved": "2018-05-14T00:00:00.000Z",
    "dateUpdated": "2024-09-16T19:14:28.788Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-13653

CVE-2018-11059 (GCVE-0-2018-11059)

Tags

Sightings

Nomenclature