CVE Vulnerabilities

CVE-2018-11060

Published: Jul 24, 2018 | Modified: Oct 09, 2019
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
6.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerability to elevate their privileges.

Affected Software

Name Vendor Start Version End Version
Archer Rsa 6.1.0.0 *
Archer Rsa 6.2.0.0 *
Archer Rsa 6.3.0.0 *
Archer Rsa 6.4.0.0 6.4.0.0

References