RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerability to elevate their privileges.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Archer | Rsa | 6.1.0.0 (including) | 6.1.0.3 (excluding) |
Archer | Rsa | 6.2.0.0 (including) | 6.2.0.10 (excluding) |
Archer | Rsa | 6.3.0.0 (including) | 6.3.0.7 (excluding) |
Archer | Rsa | 6.4.0.0 (including) | 6.4.0.0 (including) |