{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-26T11:56:24.270","vulnerabilities":[{"cve":{"id":"CVE-2017-5002","sourceIdentifier":"security_alert@emc.com","published":"2017-07-07T00:29:00.447","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an open redirect vulnerability. A remote unprivileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attacks. The attacker could then steal the victims' credentials and silently authenticate them to the RSA Archer application without the victims realizing an attack occurred."},{"lang":"es","value":"EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 es afectado por una vulnerabilidad de redirección. Un atacante remoto sin privilegios puede redireccionar a usuarios legítimos y conducirles a un ataque de phishing. El atacante puede robar las credenciales de la víctima y autenticarse silenciosamente en la aplicación RSA Archer sin que la victima se de cuenta del ataque."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:N","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:emc:rsa_archer_egrc:5.4.1.3:*:*:*:*:*:*:*","matchCriteriaId":"E8DD1233-DD85-441C-96BF-0C2F546E9460"},{"vulnerable":true,"criteria":"cpe:2.3:a:emc:rsa_archer_egrc:5.5.1.1:*:*:*:*:*:*:*","matchCriteriaId":"C5CE57E4-7A97-433B-98BA-8D8348414207"},{"vulnerable":true,"criteria":"cpe:2.3:a:emc:rsa_archer_egrc:5.5.1.3.1:*:*:*:*:*:*:*","matchCriteriaId":"2BB7C61B-6E97-456B-91FB-6B3456E5EBB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:emc:rsa_archer_egrc:5.5.2:*:*:*:*:*:*:*","matchCriteriaId":"DF1A155A-42C9-47DC-ABC6-80E1AABF0FE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:emc:rsa_archer_egrc:5.5.2.3:*:*:*:*:*:*:*","matchCriteriaId":"93AC15A9-4869-4593-B06D-0111E625C94D"},{"vulnerable":true,"criteria":"cpe:2.3:a:emc:rsa_archer_egrc:5.5.3.1:*:*:*:*:*:*:*","matchCriteriaId":"77DD0FBE-D500-4A77-A440-5958EDF9678B"}]}]}],"references":[{"url":"http://seclists.org/fulldisclosure/2017/Jun/49","source":"security_alert@emc.com","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/99354","source":"security_alert@emc.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038815","source":"security_alert@emc.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2017/Jun/49","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/99354","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038815","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}