CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
12.6%
The version of EMC RSA Archer running on the remote web server is 6.6.x prior to 6.6.0.8 (6.6 P8), 6.7.x prior to 6.7.0.8 (6.7 P8), 6.8.x prior to 6.8.0.5 (6.8 P5) or 6.9.x prior to 6.9.0.2 (6.9 P2). It is, therefore, affected by an insecure credential storage vulnerability with Archer Tableau integration. A malicious attacker with access to the Tableau workbook file may obtain access to credential information to use it in further attacks.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(150048);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/06/07");
script_cve_id("CVE-2021-29253");
script_xref(name:"IAVA", value:"2021-A-0256");
script_name(english:"EMC RSA Archer 6.6 < 6.6 P8 / 6.7 < 6.7 P8 / 6.8 < 6.8 P5 / 6.9 < 6.9 P2 Insecure Credential Storage");
script_set_attribute(attribute:"synopsis", value:
"An application running on the remote host is affected by an insecure credential storage vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of EMC RSA Archer running on the remote web server is 6.6.x prior to 6.6.0.8 (6.6 P8), 6.7.x prior to
6.7.0.8 (6.7 P8), 6.8.x prior to 6.8.0.5 (6.8 P5) or 6.9.x prior to 6.9.0.2 (6.9 P2). It is, therefore, affected by an
insecure credential storage vulnerability with Archer Tableau integration. A malicious attacker with access to the
Tableau workbook file may obtain access to credential information to use it in further attacks.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://community.rsa.com/t5/archer-product-advisories/rsa-2021-04-archer-an-rsa-business-update-for-multiple/ta-p/603223
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?14589931");
script_set_attribute(attribute:"solution", value:
"Update to 6.6 P8, 6.7 P8, 6.8 P5, 6.9 P2, or later.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-29253");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/04/23");
script_set_attribute(attribute:"patch_publication_date", value:"2021/04/23");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/05/28");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:emc:rsa_archer_egrc");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("emc_rsa_archer_detect.nbin");
script_require_ports("Services/www", 80, 443);
exit(0);
}
include('http.inc');
include('vcf.inc');
var app_name = 'EMC RSA Archer';
var port = get_http_port(default:80);
var app_info = vcf::get_app_info(app:app_name, webapp:TRUE, port:port);
var constraints = [
{'min_version' : '6.6', 'fixed_version' : '6.6.0.8', 'fixed_display' : '6.6 P8 (6.6.0.8)'},
{'min_version' : '6.7', 'fixed_version' : '6.7.0.8', 'fixed_display' : '6.7 P8 (6.7.0.8)'},
{'min_version' : '6.8', 'fixed_version' : '6.8.0.5', 'fixed_display' : '6.8 P5 (6.8.0.5)'},
{'min_version' : '6.9', 'fixed_version' : '6.9.0.2', 'fixed_display' : '6.9 P2 (6.9.0.2)'}
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_NOTE);
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
12.6%