CVE-2022-37316

Archer Platform 6.8 before 6.11 P3 (6.11.0.3) contains an improper API access control vulnerability in a multi-instance system that could potentially present unauthorized metadata to an authenticated user of the affected system. 6.10 P3 HF1 (6.10.0.3.1) is also a fixed release.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:rsa:archer:*:*:*:*:*:*:*:*
cpe:2.3:a:rsa:archer:*:*:*:*:*:*:*:*

History

30 Aug 2022, 21:20

Type Values Removed Values Added
CWE NVD-CWE-Other
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
References (MISC) https://archerirm.com - (MISC) https://archerirm.com - Product
References (MISC) https://www.archerirm.community/t5/security-advisories/archer-update-for-improper-access-control/ta-p/682059 - (MISC) https://www.archerirm.community/t5/security-advisories/archer-update-for-improper-access-control/ta-p/682059 - Vendor Advisory
CPE cpe:2.3:a:rsa:archer:*:*:*:*:*:*:*:*

25 Aug 2022, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-08-25 23:15

Updated : 2024-02-04 22:51


NVD link : CVE-2022-37316

Mitre link : CVE-2022-37316

CVE.ORG link : CVE-2022-37316


JSON object : View

Products Affected

rsa

  • archer