CVE-2019-3756

6.5MEDIUM

Key Information:

Vendor: Dell
Status: Rsa Archer
Vendor: CVE Published:; 18 September 2019

Summary

RSA Archer, versions prior to 6.6 P3 (6.6.0.3), contain an information disclosure vulnerability. Information relating to the backend database gets disclosed to low-privileged RSA Archer users' UI under certain error conditions.

Affected Version(s)

RSA Archer prior to 6.6 P3 (6.6.0.3)

References

https://community.rsa.com/docs/DOC-106759

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 18, 2019
Vulnerability Reserved
Jan 3, 2019