Dell Rsa Archer
12 CVEs affecting Dell Rsa Archer. Latest disclosed: 2020-05-04. Critical: 1, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-3758 | Critical | 9.8 | 2019-09-18 | RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to create user accounts wi… |
CVE-2020-5331 | High | 8.8 | 2020-05-04 | RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information exposure vulnerability. Users’ session information could potentially be stored in cache… |
CVE-2020-5334 | High | 8.2 | 2020-05-04 | RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contains a Document Object Model (DOM) based cross-site scripting vulnerability. A remote unauthenticated attac… |
CVE-2019-3716 | High | 7.8 | 2019-03-13 | RSA Archer versions, prior to 6.5 SP2, contain an information exposure vulnerability. The database connection password may get logged in plain text in the RSA… |
CVE-2019-3715 | High | 7.8 | 2019-03-13 | RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users' session information is logged in plain text in the RSA Archer log… |
CVE-2020-5332 | High | 7.2 | 2020-05-04 | RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain a command injection vulnerability. AN authenticated malicious user with administrator privileges could… |
CVE-2019-3756 | Medium | 6.5 | 2019-09-18 | RSA Archer, versions prior to 6.6 P3 (6.6.0.3), contain an information disclosure vulnerability. Information relating to the backend database gets disclosed to… |
CVE-2020-5335 | Medium | 5.0 | 2020-05-04 | RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contain a cross-site request forgery vulnerability. A remote unauthenticated attacker could potentially exploit… |
CVE-2020-5337 | Medium | 4.6 | 2020-05-04 | RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulne… |
CVE-2020-5336 | Medium | 4.6 | 2020-05-04 | RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL injection vulnerability. An unauthenticated attacker could potentially exploit this vulnerability… |
CVE-2020-5333 | Medium | 4.3 | 2020-05-04 | RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user cou… |
CVE-2018-15780 | Medium | 4.3 | 2019-01-03 | RSA Archer versions prior to 6.5.0.1 contain an improper access control vulnerability. A remote malicious user could potentially exploit this vulnerability to… |