{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-17T05:55:19.057","vulnerabilities":[{"cve":{"id":"CVE-2017-4999","sourceIdentifier":"security_alert@emc.com","published":"2017-07-07T00:29:00.303","lastModified":"2026-05-13T00:24:29.033","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an authorization bypass through user-controlled key vulnerability in Discussion Forum Messages. A remote low privileged attacker may potentially exploit this vulnerability to elevate their privileges and view other users' discussion forum messages."},{"lang":"es","value":"RSA Archer versiones 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1  de EMC, está afectado por una omisión de autorización por medio de una vulnerabilidad de clave controlada por el usuario en los Mensajes del Foro de Discusión. Un atacante remoto con pocos privilegios puede explotar potencialmente esta vulnerabilidad para elevar sus privilegios y visualizar los mensajes del foro de discusión de otros usuarios."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:emc:rsa_archer_egrc:5.4.1.3:*:*:*:*:*:*:*","matchCriteriaId":"E8DD1233-DD85-441C-96BF-0C2F546E9460"},{"vulnerable":true,"criteria":"cpe:2.3:a:emc:rsa_archer_egrc:5.5.1.1:*:*:*:*:*:*:*","matchCriteriaId":"C5CE57E4-7A97-433B-98BA-8D8348414207"},{"vulnerable":true,"criteria":"cpe:2.3:a:emc:rsa_archer_egrc:5.5.1.3.1:*:*:*:*:*:*:*","matchCriteriaId":"2BB7C61B-6E97-456B-91FB-6B3456E5EBB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:emc:rsa_archer_egrc:5.5.2:*:*:*:*:*:*:*","matchCriteriaId":"DF1A155A-42C9-47DC-ABC6-80E1AABF0FE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:emc:rsa_archer_egrc:5.5.2.3:*:*:*:*:*:*:*","matchCriteriaId":"93AC15A9-4869-4593-B06D-0111E625C94D"},{"vulnerable":true,"criteria":"cpe:2.3:a:emc:rsa_archer_egrc:5.5.3.1:*:*:*:*:*:*:*","matchCriteriaId":"77DD0FBE-D500-4A77-A440-5958EDF9678B"}]}]}],"references":[{"url":"http://seclists.org/fulldisclosure/2017/Jun/49","source":"security_alert@emc.com","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/99354","source":"security_alert@emc.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038815","source":"security_alert@emc.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2017/Jun/49","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/99354","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038815","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}