EMC RSA Security Analytics (SA) 10.x prior to 10.3, and RSA NetWitness NextGen 9.8, does not ensure that SA Core requests originate from the SA REST UI, which allows remote malicious users to bypass intended access restrictions by sending a Core request from a web browser or other unintended user agent.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
emc rsa security analytics 10.1 |
||
emc rsa security analytics 10.0 |
||
emc rsa netwitness nextgen 9.8 |
||
emc rsa security analytics 10.2 |