CVE-2017-5002

Name of the Vulnerable Software and Affected Versions EMC RSA Archer versions 5.4.1.3, 5.5.1.1, 5.5.1.3.1, 5.5.2, 5.5.2.3, 5.5.3.1

Description The issue allows a remote unprivileged attacker to potentially redirect legitimate users to arbitrary web sites, which could lead to phishing attacks. This may result in the attacker stealing the victims' credentials and silently authenticating them to the RSA Archer application without the victims realizing an attack occurred.

Recommendations For versions 5.4.1.3, 5.5.1.1, 5.5.1.3.1, 5.5.2, 5.5.2.3, 5.5.3.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.