Archer Security Vulnerabilities and Issues — Archer CVE List

Lucene search

RsaArcher

4 matches found

CVE•added 2018/08/24 3:29 p.m.•68 views

CVE-2018-11065

The WorkPoint component, which is embedded in all RSA Archer, versions 6.1.x, 6.2.x, 6.3.x prior to 6.3.0.7 and 6.4.x prior to 6.4.0.1, contains a SQL injection vulnerability. A malicious user could potentially exploit this vulnerability to execute SQL commands on the back-end database to read cert...

4.3CVSS5.3AI score0.00252EPSS

CVE•added 2021/01/29 7:15 a.m.•67 views

CVE-2020-29538

Archer before 6.9 P1 (6.9.0.1) contains an improper access control vulnerability in an API. A remote authenticated malicious administrative user can potentially exploit this vulnerability to gather information about the system, and may use this information in subsequent attacks.

4.9CVSS4.8AI score0.00228EPSS

CVE•added 2021/01/29 7:15 a.m.•60 views

CVE-2020-29536

Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability. A remote authenticated malicious attacker with access to service files may obtain sensitive information to use it in further attacks.

4.3CVSS4.2AI score0.00072EPSS

CVE•added 2020/05/04 7:15 p.m.•39 views

CVE-2020-5333

RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerability to view unauthorized information.

4.3CVSS4.3AI score0.00111EPSS