CNNVD-202507-3953 Information

Jul 31, 2025 cve

CNNVD ID

CNNVD-202507-3953

CVE-2025-50572

  • CNNVD Published: 2025-07-31

Description (Chinese)

RSA Security RSA Archer是美国RSA 安全(RSA Security)公司的一款企业IT治理和合规治理的产品,包括策略、风险和合规定义和管理。它能够把我们所有的企业资产,还有一些监测到的信息全部汇总,整理到统一的平台之上,给出具有业务层面参考的价值,以及一些操作的智能和综合的管理。 RSA Security RSA Archer 6.11.00204.10014版本存在安全漏洞,该漏洞源于系统输入处理不当,可能导致执行任意代码。

Description (English)

RSA Security RSA Archer is a product of the United States company RSA Security (RSA Security) corporate IT governance and compliance governance, including strategy, risk and compliance definition and management. It enables all of our business assets, and some of the information monitored, to be assembled on a unified platform, giving the value of reference at the operational level, as well as some of the smart and integrated management of operations. There is a security loophole in RSA Security RSA Archer version 6.11.00204.10014, which stems from inadequate system input processing, which may lead to the implementation of any code.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

RSA 安全

Published

2025-07-31

Last Modified

2026-02-24

References

http://archer.com https://github.com/shorooq-hummdi/Archer-csv-injection-command-exec/blob/main/README.md https://www.archerirm.community/s/blogs/formula-injection-into-csv-files-vulnerability-in-rsa-archer-6-1-x-and-higher-MCOCQFO3WCQBCCHMKNC74JGSFWQY http://rsa.com https://access.redhat.com/security/cve/cve-2025-50572

Share on: