rsa archer 6.9 vulnerabilities and exploits
6.1
CVSSv3
CVE-2022-37318
Archer Platform 6.9 SP2 P2 prior to 6.11 P3 (6.11.0.3) contains a reflected XSS vulnerability. A remote unauthenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious JavaScript code to the vulnerab...
Rsa Archer
8.8
CVSSv3
CVE-2022-30584
Archer Platform 6.3 prior to 6.11 (6.11.0.0) contains an Improper Access Control Vulnerability within SSO ADFS functionality that could potentially be exploited by malicious users to compromise the affected system. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixed releas...
Rsa Archer
6.5
CVSSv3
CVE-2022-30585
The REST API in Archer Platform 6.x prior to 6.11 (6.11.0.0) contains an Authorization Bypass Vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to view sensitive information. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixe...
Rsa Archer
5.4
CVSSv3
CVE-2021-33616
RSA Archer 6.x up to and including 6.9 SP1 P4 (6.9.1.4) allows stored XSS.
Rsa Archer
6.5
CVSSv3
CVE-2021-38362
In RSA Archer 6.x up to and including 6.9 SP3 (6.9.3.0), an authenticated attacker can make a GET request to a REST API endpoint that is vulnerable to an Insecure Direct Object Reference (IDOR) issue and retrieve sensitive data.
Rsa Archer
5.4
CVSSv3
CVE-2022-26947
Archer 6.x up to and including 6.9 SP3 (6.9.3.0) contains a reflected XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnera...
Rsa Archer
7.5
CVSSv3
CVE-2022-26948
The Archer RSS feed integration for Archer 6.x up to and including 6.9 SP1 (6.9.1.0) is affected by an insecure credential storage vulnerability. A malicious attacker may obtain access to credential information to use it in further attacks.
Rsa Archer
6.5
CVSSv3
CVE-2022-26949
Archer 6.x up to and including 6.9 SP2 P1 (6.9.2.1) contains an improper access control vulnerability on attachments. A remote authenticated malicious user could potentially exploit this vulnerability to gain access to files that should only be allowed by extra privileges.
Rsa Archer
6.1
CVSSv3
CVE-2022-26950
Archer 6.x up to and including 6.9 P2 (6.9.0.2) is affected by an open redirect vulnerability. A remote unprivileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attacks. The attacker could then steal the victims' credentials...
Rsa Archer
6.5
CVSSv3
CVE-2021-41594
In RSA Archer 6.9.SP1 P3, if some application functions are precluded by the Administrator, this can be bypassed by intercepting the API request at the /api/V2/internal/TaskPermissions/CheckTaskAccess endpoint. If the parameters of this request are replaced with empty fields, the...
Rsa Archer