Command Injection Vulnerability in RSA Netwitness Platform and RSA Security Analytics
CVE-2019-3725 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
RSA Netwitness Platform versions prior to 11.2.1.1 and RSA Security Analytics versions prior to 10.6.6.1 are vulnerable to a Command Injection vulnerability due to missing input validation in the product. A remote unauthenticated malicious user could exploit this vulnerability to execute arbitrary commands on the server.
Learn more about our Cis Benchmark Audit For Server Software.