First published: Thu May 26 2022
The REST API in Archer Platform 6.x before 6.11 (6.11.0.0) contains an Authorization Bypass Vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to view sensitive information. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixed releases.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
RSA Archer | >=6.3 <6.9.3.4 | |
RSA Archer | >=6.10.0.0 <6.10.0.3 | |
CVE-2022-30585 is an Authorization Bypass Vulnerability in the REST API of RSA Archer Platform 6.x before 6.11 (6.11.0.0).
A remote authenticated malicious user could exploit this vulnerability to view sensitive information.
RSA Archer Platform versions from 6.3 up to but not including 6.9.3.4, and from 6.10.0.0 up to but not including 6.10.0.3, are affected.
The severity of CVE-2022-30585 is medium, with a CVSS score of 6.5.
A fix is available: RSA Archer Platform 6.11 (6.11.0.0), and the fixed releases 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4).