CVE-2020-5337

Name of the Vulnerable Software and Affected Versions RSA Archer versions prior to 6.7 P1 (6.7.0.1)

Description The issue allows a remote unauthenticated attacker to redirect application users to arbitrary web URLs by tricking victims into clicking on maliciously crafted links. This could be used to conduct phishing attacks, causing users to unknowingly visit malicious sites.

Recommendations For versions prior to 6.7 P1 (6.7.0.1), update to version 6.7 P1 (6.7.0.1) or later to resolve the issue. As a temporary workaround, consider restricting access to external links within the application to minimize the risk of exploitation.