VYPR

Archer

by Rsa

CVEs (4)

  • CVE-2018-11060HigJul 24, 2018
    risk 0.57cvss 8.8epss 0.03

    RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerability to elevate their privileges.

  • CVE-2018-11059HigJul 24, 2018
    risk 0.53cvss 8.2epss 0.01

    RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When application…

  • CVE-2018-1219MedMar 8, 2018
    risk 0.28cvss 4.3epss 0.02

    EMC RSA Archer, versions prior to 6.2.0.8, contains an improper access control vulnerability on an API which is used to enumerate user information. A remote authenticated malicious user can potentially exploit this vulnerability to gather information about the user base and may…

  • CVE-2018-11065LowAug 24, 2018
    risk 0.18cvss 2.7epss 0.01

    The WorkPoint component, which is embedded in all RSA Archer, versions 6.1.x, 6.2.x, 6.3.x prior to 6.3.0.7 and 6.4.x prior to 6.4.0.1, contains a SQL injection vulnerability. A malicious user could potentially exploit this vulnerability to execute SQL commands on the back-end…