cvelist/2020/5xxx/CVE-2020-5331.json

{
    "CVE_data_meta": {
        "ASSIGNER": "secure@dell.com",
        "DATE_PUBLIC": "2020-02-28",
        "ID": "CVE-2020-5331",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "RSA Archer",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "<",
                                            "version_value": "6.7 P3"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Dell"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information exposure vulnerability. Users\u2019 session information could potentially be stored in cache or log files. An authenticated malicious local user with access to the log files may obtain the exposed information to use it in further attacks."
            }
        ]
    },
    "impact": {
        "cvss": {
            "baseScore": 8.8,
            "baseSeverity": "High",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-598: Information Exposure Through Query Strings in GET Request"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "MISC",
                "url": "https://www.dell.com/support/security/en-us/details/DOC-111112/DSA-2020-049-RSA-Archer-Security-Update-for-Multiple-Vulnerabilities",
                "name": "https://www.dell.com/support/security/en-us/details/DOC-111112/DSA-2020-049-RSA-Archer-Security-Update-for-Multiple-Vulnerabilities"
            }
        ]
    }
}
"-Synchronized-Data." 2020-01-03 14:01:42 +00:00			`{`
			`"CVE_data_meta": {`
"-Synchronized-Data." 2020-05-04 19:01:28 +00:00			`"ASSIGNER": "secure@dell.com",`
			`"DATE_PUBLIC": "2020-02-28",`
			`"ID": "CVE-2020-5331",`
Added CVE-2020-5331 through 5337 and CVE-2020-5343 2020-05-04 14:43:29 -04:00			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2020-05-04 19:01:28 +00:00			`},`
Added CVE-2020-5331 through 5337 and CVE-2020-5343 2020-05-04 14:43:29 -04:00			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
"-Synchronized-Data." 2020-05-04 19:01:28 +00:00			`"product_name": "RSA Archer",`
Added CVE-2020-5331 through 5337 and CVE-2020-5343 2020-05-04 14:43:29 -04:00			`"version": {`
			`"version_data": [`
			`{`
"-Synchronized-Data." 2020-05-04 19:01:28 +00:00			`"version_affected": "<",`
Added CVE-2020-5331 through 5337 and CVE-2020-5343 2020-05-04 14:43:29 -04:00			`"version_value": "6.7 P3"`
			`}`
			`]`
			`}`
			`}`
			`]`
"-Synchronized-Data." 2020-05-04 19:01:28 +00:00			`},`
Added CVE-2020-5331 through 5337 and CVE-2020-5343 2020-05-04 14:43:29 -04:00			`"vendor_name": "Dell"`
			`}`
			`]`
			`}`
"-Synchronized-Data." 2020-05-04 19:01:28 +00:00			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
"-Synchronized-Data." 2020-01-03 14:01:42 +00:00			`"description": {`
			`"description_data": [`
			`{`
"-Synchronized-Data." 2020-05-04 19:01:28 +00:00			`"lang": "eng",`
Added CVE-2020-5331 through 5337 and CVE-2020-5343 2020-05-04 14:43:29 -04:00			`"value": "RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information exposure vulnerability. Users\u2019 session information could potentially be stored in cache or log files. An authenticated malicious local user with access to the log files may obtain the exposed information to use it in further attacks."`
			`}`
			`]`
"-Synchronized-Data." 2020-05-04 19:01:28 +00:00			`},`
Added CVE-2020-5331 through 5337 and CVE-2020-5343 2020-05-04 14:43:29 -04:00			`"impact": {`
			`"cvss": {`
"-Synchronized-Data." 2020-05-04 19:01:28 +00:00			`"baseScore": 8.8,`
			`"baseSeverity": "High",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",`
Added CVE-2020-5331 through 5337 and CVE-2020-5343 2020-05-04 14:43:29 -04:00			`"version": "3.1"`
			`}`
"-Synchronized-Data." 2020-05-04 19:01:28 +00:00			`},`
Added CVE-2020-5331 through 5337 and CVE-2020-5343 2020-05-04 14:43:29 -04:00			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
"-Synchronized-Data." 2020-05-04 19:01:28 +00:00			`"lang": "eng",`
Added CVE-2020-5331 through 5337 and CVE-2020-5343 2020-05-04 14:43:29 -04:00			`"value": "CWE-598: Information Exposure Through Query Strings in GET Request"`
			`}`
			`]`
			`}`
			`]`
"-Synchronized-Data." 2020-05-04 19:01:28 +00:00			`},`
Added CVE-2020-5331 through 5337 and CVE-2020-5343 2020-05-04 14:43:29 -04:00			`"references": {`
			`"reference_data": [`
			`{`
"-Synchronized-Data." 2020-05-04 19:01:28 +00:00			`"refsource": "MISC",`
			`"url": "https://www.dell.com/support/security/en-us/details/DOC-111112/DSA-2020-049-RSA-Archer-Security-Update-for-Multiple-Vulnerabilities",`
			`"name": "https://www.dell.com/support/security/en-us/details/DOC-111112/DSA-2020-049-RSA-Archer-Security-Update-for-Multiple-Vulnerabilities"`
"-Synchronized-Data." 2020-01-03 14:01:42 +00:00			`}`
			`]`
			`}`
			`}`