Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

rsa archer 6.9 vulnerabilities and exploits

(subscribe to this query)
6.1
CVSSv3
CVE-2020-26884
RSA Archer 6.8 up to and including 6.8.0.3 and 6.9 contains a URL injection vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability by tricking a victim application user into executing malicious JavaScript code in the context of the web appl...
Rsa ArcherRsa Archer 6.9
5.4
CVSSv3
CVE-2021-33616
RSA Archer 6.x up to and including 6.9 SP1 P4 (6.9.1.4) allows stored XSS.
Rsa Archer
7.5
CVSSv3
CVE-2022-26948
The Archer RSS feed integration for Archer 6.x up to and including 6.9 SP1 (6.9.1.0) is affected by an insecure credential storage vulnerability. A malicious attacker may obtain access to credential information to use it in further attacks.
Rsa Archer
5.4
CVSSv3
CVE-2021-29252
RSA Archer prior to 6.9 SP1 P1 (6.9.1.1) contains a stored XSS vulnerability. A remote authenticated malicious Archer user with access to modify link name fields could potentially exploit this vulnerability to execute code in a victim's browser.
Rsa Archer
6.5
CVSSv3
CVE-2021-38362
In RSA Archer 6.x up to and including 6.9 SP3 (6.9.3.0), an authenticated attacker can make a GET request to a REST API endpoint that is vulnerable to an Insecure Direct Object Reference (IDOR) issue and retrieve sensitive data.
Rsa Archer
4.9
CVSSv3
CVE-2020-29538
Archer prior to 6.9 P1 (6.9.0.1) contains an improper access control vulnerability in an API. A remote authenticated malicious administrative user can potentially exploit this vulnerability to gather information about the system, and may use this information in subsequent attacks...
Rsa Archer
6.5
CVSSv3
CVE-2022-26949
Archer 6.x up to and including 6.9 SP2 P1 (6.9.2.1) contains an improper access control vulnerability on attachments. A remote authenticated malicious user could potentially exploit this vulnerability to gain access to files that should only be allowed by extra privileges.
Rsa Archer
8.8
CVSSv3
CVE-2022-30584
Archer Platform 6.3 prior to 6.11 (6.11.0.0) contains an Improper Access Control Vulnerability within SSO ADFS functionality that could potentially be exploited by malicious users to compromise the affected system. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixed releas...
Rsa Archer
6.5
CVSSv3
CVE-2022-30585
The REST API in Archer Platform 6.x prior to 6.11 (6.11.0.0) contains an Authorization Bypass Vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to view sensitive information. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixe...
Rsa Archer
5.5
CVSSv3
CVE-2021-29253
The Tableau integration in RSA Archer 6.4 P1 (6.4.0.1) up to and including 6.9 P2 (6.9.0.2) is affected by an insecure credential storage vulnerability. An malicious attacker with access to the Tableau workbook file may obtain access to credential information to use it in further...
Rsa Archer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook