CVE-2019-3758
First published: Wed Sep 18 2019(Updated: )
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to create user accounts with insufficient credentials. Unauthenticated attackers could gain unauthorized access to the system using those accounts.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| RSA Archer | <6.6.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-3758?
CVE-2019-3758 is an improper authentication vulnerability in RSA Archer versions prior to 6.6 P2 (6.6.0.2).
How severe is CVE-2019-3758?
CVE-2019-3758 has a severity score of 9.8, which is considered critical.
How can unauthenticated attackers exploit CVE-2019-3758?
Unauthenticated attackers can exploit CVE-2019-3758 by gaining unauthorized access to the RSA Archer system using user accounts with insufficient credentials.
What is the affected software?
RSA Archer versions prior to 6.6 P2 (6.6.0.2) are affected by CVE-2019-3758.
Is there a fix for CVE-2019-3758?
Yes, the fix for CVE-2019-3758 is to upgrade RSA Archer to version 6.6 P2 (6.6.0.2) or later.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/weakness
- agent/event
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/rsa
- canonical/rsa archer