Unrated severityNVD Advisory· Published Aug 24, 2018· Updated Sep 16, 2024

CVE-2018-11065

Description

The WorkPoint component, which is embedded in all RSA Archer, versions 6.1.x, 6.2.x, 6.3.x prior to 6.3.0.7 and 6.4.x prior to 6.4.0.1, contains a SQL injection vulnerability. A malicious user could potentially exploit this vulnerability to execute SQL commands on the back-end database to read certain data. Embedded WorkPoint is upgraded to version 4.10.16, which contains a fix for the vulnerability.

Affected products

Rsa/WorkPointllm-create
Range: <4.10.16
Archer/Archerllm-fuzzy
Range: >=6.1.0, <6.3.0.7, >=6.4.0, <6.4.0.1
EMC Corporation/Rsa Archer Egrccpe-rescue
Range: 6.1.x,6.2.x

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

seclists.org/fulldisclosure/2018/Aug/31mitremailing-listx_refsource_FULLDISC
www.securityfocus.com/bid/105128mitrevdb-entryx_refsource_BID
www.securitytracker.com/id/1041540mitrevdb-entryx_refsource_SECTRACK

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000