Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Archer before 6.9 P1 (6.9.0.1) contains an improper access control vulnerability in an API. A remote authenticated malicious administrative user can potentially exploit this vulnerability to gather information about the system, and may use this information in subsequent attacks.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
N/A
Vulnerability Title
Archer 访问控制错误漏洞
Vulnerability Description
RSA Security Archer是英国RSA Security公司的一款企业IT治理和合规治理产品。该产品可以制定eGRC计划,用于管理企业风险、实现业务流程自动化等。 Archer before 6.9 P1 存在访问控制错误漏洞,该漏洞源于一个不适当的访问控制漏洞。经过身份验证的远程恶意管理用户可能会利用此漏洞收集有关系统的信息,并可能在后续攻击中使用这些信息。
CVSS Information
N/A
Vulnerability Type
N/A