Archer Security Vulnerabilities and Issues — Archer CVE List

Lucene search

RsaArcher

3 matches found

CVE•added 2018/08/24 3:29 p.m.•68 views

CVE-2018-11065

The WorkPoint component, which is embedded in all RSA Archer, versions 6.1.x, 6.2.x, 6.3.x prior to 6.3.0.7 and 6.4.x prior to 6.4.0.1, contains a SQL injection vulnerability. A malicious user could potentially exploit this vulnerability to execute SQL commands on the back-end database to read cert...

4.3CVSS5.3AI score0.00252EPSS

CVE•added 2018/07/24 7:29 p.m.•67 views

CVE-2018-11060

RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerability to elevate their privileges.

8.8CVSS8.3AI score0.00716EPSS

CVE•added 2018/07/24 7:29 p.m.•57 views

CVE-2018-11059

RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When application users access the cor...

8.2CVSS4.9AI score0.00371EPSS