First published: Thu Aug 25 2022
Archer Platform 6.8 before 6.11 P3 (6.11.0.3) contains an improper API access control vulnerability in a multi-instance system that could potentially present unauthorized metadata to an authenticated user of the affected system. 6.10 P3 HF1 (6.10.0.3.1) is also a fixed release.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
RSA Archer | >=6.8<6.10.0.3.1 | |
RSA Archer | >=6.11<6.11.0.3 | |
The severity of CVE-2022-37316 is medium.
Archer Platform 6.8 before 6.11 P3 (6.11.0.3) has an improper API access control vulnerability in a multi-instance system.
The vulnerability could potentially present unauthorized metadata to an authenticated user of the affected system.
RSA Archer versions 6.8 to 6.10 P3 HF1 and 6.11 to 6.11 P3 are affected by CVE-2022-37316.
Yes, RSA has released fixed versions 6.10 P3 HF1 (6.10.0.3.1) and 6.11 P3 (6.11.0.3) to address the vulnerability.