CVE-2022-37318
- EPSS 0.56%
- Published 25.08.2022 23:15:08
- Last modified 21.11.2024 07:14:45
Archer Platform 6.9 SP2 P2 before 6.11 P3 (6.11.0.3) contains a reflected XSS vulnerability. A remote unauthenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious Jav...
CVE-2022-37317
- EPSS 0.25%
- Published 25.08.2022 23:15:08
- Last modified 21.11.2024 07:14:44
Archer Platform 6.x before 6.11 P3 contains an HTML injection vulnerability. An authenticated remote attacker could potentially exploit this vulnerability by tricking a victim application user to execute malicious code in the context of the web applic...
CVE-2022-37316
- EPSS 0.33%
- Published 25.08.2022 23:15:08
- Last modified 21.11.2024 07:14:44
Archer Platform 6.8 before 6.11 P3 (6.11.0.3) contains an improper API access control vulnerability in a multi-instance system that could potentially present unauthorized metadata to an authenticated user of the affected system. 6.10 P3 HF1 (6.10.0.3...
CVE-2021-33615
- EPSS 0.54%
- Published 02.06.2022 14:15:28
- Last modified 21.11.2024 06:09:11
RSA Archer 6.8.00500.1003 P5 allows Unrestricted Upload of a File with a Dangerous Type.
CVE-2022-30585
- EPSS 0.19%
- Published 26.05.2022 20:15:10
- Last modified 21.11.2024 07:02:58
The REST API in Archer Platform 6.x before 6.11 (6.11.0.0) contains an Authorization Bypass Vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to view sensitive information. 6.10 P3 (6.10.0.3) and 6.9 SP...
- EPSS 0.5%
- Published 26.05.2022 20:15:10
- Last modified 21.11.2024 07:02:58
Archer Platform 6.3 before 6.11 (6.11.0.0) contains an Improper Access Control Vulnerability within SSO ADFS functionality that could potentially be exploited by malicious users to compromise the affected system. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6....
CVE-2021-33616
- EPSS 0.51%
- Published 04.04.2022 12:15:07
- Last modified 21.11.2024 06:09:11
RSA Archer 6.x through 6.9 SP1 P4 (6.9.1.4) allows stored XSS.
CVE-2021-38362
- EPSS 0.26%
- Published 30.03.2022 22:15:08
- Last modified 21.11.2024 06:16:54
In RSA Archer 6.x through 6.9 SP3 (6.9.3.0), an authenticated attacker can make a GET request to a REST API endpoint that is vulnerable to an Insecure Direct Object Reference (IDOR) issue and retrieve sensitive data.
CVE-2022-26951
- EPSS 0.49%
- Published 30.03.2022 00:15:09
- Last modified 21.11.2024 06:54:51
Archer 6.x through 6.10 (6.10.0.0) contains a reflected XSS vulnerability. A remote SAML-unauthenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious HTML or JavaScr...
CVE-2022-26950
- EPSS 0.13%
- Published 30.03.2022 00:15:09
- Last modified 21.11.2024 06:54:51
Archer 6.x through 6.9 P2 (6.9.0.2) is affected by an open redirect vulnerability. A remote unprivileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attacks. The attacker could then steal the victims...