First published: Fri Jan 29 2021(Updated: )
Archer before 6.9 P1 (6.9.0.1) contains an improper access control vulnerability in an API. A remote authenticated malicious administrative user can potentially exploit this vulnerability to gather information about the system, and may use this information in subsequent attacks.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
RSA Archer | >=6.6<6.6.0.8 | |
RSA Archer | >=6.7<6.7.0.8 | |
RSA Archer | >=6.8<6.8.0.5 | |
RSA Archer | >=6.9<6.9.0.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-29538 is an improper access control vulnerability in RSA Archer before 6.9 P1 (6.9.0.1).
CVE-2020-29538 has a severity rating of 4.9 (medium).
CVE-2020-29538 affects RSA Archer versions 6.6 through 6.9.0.1.
A remote authenticated malicious user can potentially exploit CVE-2020-29538 to gather information about the system and use it in subsequent attacks.
You can find more information about CVE-2020-29538 at the RSA Community website and the RSA vulnerability response policy page.