CVE-2017-4999

Name of the Vulnerable Software and Affected Versions EMC RSA Archer versions 5.4.1.3, 5.5.1.1, 5.5.1.3.1, 5.5.2, 5.5.2.3, 5.5.3.1

Description The issue is related to an authorization bypass through a user-controlled key vulnerability in Discussion Forum Messages. A remote low-privileged attacker may potentially exploit this to elevate their privileges and view other users' discussion forum messages.

Recommendations For versions 5.4.1.3, 5.5.1.1, 5.5.1.3.1, 5.5.2, 5.5.2.3, 5.5.3.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.