Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Archer Platform 6.x before 6.14 P1 HF2 (6.14.0.1.2) contains an insecure direct object reference vulnerability. An authenticated malicious user in a multi-instance installation could potentially exploit this vulnerability by manipulating application resource references in user requests to bypass authorization checks, in order to gain execute access to AWF application resources.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:L
Vulnerability Type
N/A
Vulnerability Title
Archer Platform 安全漏洞
Vulnerability Description
Archer Platform是Archer公司的一个现代综合风险管理解决方案。 Archer Platform 6.14 P1 HF2 (6.14.0.1.2)之前的6.x版本存在安全漏洞,该漏洞源于允许经过身份验证的攻击者通过操纵用户请求来绕过授权检查,从而获得对AWF应用程序资源的执行访问权限,并利用此漏洞进行攻击。
CVSS Information
N/A
Vulnerability Type
N/A