PT-2013-1560 · Emc+1 · Emc Rsa Archer Smartsuite Framework+1
Publicado
2013-02-06
·
Atualizado
2013-02-07
·
CVE-2012-2293
CVSS v2.0
6.5
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
EMC RSA Archer SmartSuite Framework versions 4.x
RSA Archer GRC versions 5.x before 5.2SP1
Description
The issue allows remote authenticated users to upload files and consequently execute arbitrary code via a relative path, due to a directory traversal vulnerability.
Recommendations
For EMC RSA Archer SmartSuite Framework versions 4.x, update to a version outside of the 4.x range to resolve the issue.
For RSA Archer GRC versions 5.x before 5.2SP1, update to version 5.2SP1 or later to resolve the issue.
Correção
Path traversal
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Emc Rsa Archer Smartsuite Framework
Rsa Archer Grc