The REST API in Archer Platform 6.x before 6.11 (6.11.0.0) contains an Authorization Bypass Vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to view sensitive information. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixed releases.
References
Link | Resource |
---|---|
https://www.archerirm.community/t5/releases/tkb-p/releases | Release Notes Vendor Advisory |
https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/677341 | Vendor Advisory |
Configurations
History
08 Aug 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo |
08 Jun 2022, 16:02
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.archerirm.community/t5/releases/tkb-p/releases - Release Notes, Vendor Advisory | |
References | (MISC) https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/677341 - Vendor Advisory | |
CWE | CWE-863 | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 6.5 |
First Time |
Rsa archer
Rsa |
|
CPE | cpe:2.3:a:rsa:archer:*:*:*:*:*:*:*:* |
26 May 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-26 20:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-30585
Mitre link : CVE-2022-30585
CVE.ORG link : CVE-2022-30585
JSON object : View
Products Affected
rsa
- archer
CWE