EMC RSA Security Analytics (SA) 10.x before 10.3, and RSA NetWitness NextGen 9.8, does not ensure that SA Core requests originate from the SA REST UI, which allows remote attackers to bypass intended access restrictions by sending a Core request from a web browser or other unintended user agent.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2013-12-09T18:00:00
Updated: 2014-01-06T14:57:01
Reserved: 2013-10-21T00:00:00
Link: CVE-2013-6180
JSON object: View
NVD Information
Status : Modified
Published: 2013-12-09T18:55:09.920
Modified: 2014-01-08T04:42:01.980
Link: CVE-2013-6180
JSON object: View
Redhat Information
No data.
CWE