CVE-2020-5332
HIGHRSA Archer < 6.7.0.3 - Authenticated OS Command Injection
Title source: llmDescription
RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain a command injection vulnerability. AN authenticated malicious user with administrator privileges could potentially exploit this vulnerability to execute arbitrary commands on the system where the vulnerable application is deployed.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.dell.com/support/security/en-us/details/DOC-111112/DSA-2020-049-RSA-Archer-Security-Update-for-Multiple-Vulnerabilities
Scores
CVSS v3
7.2
EPSS
0.0225
EPSS Percentile
80.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (1)
rsa/archer
< 6.7.0.3
Published
May 04, 2020
Tracked Since
Feb 18, 2026