Improper Authentication Vulnerability in RSA Archer Software by RSA
CVE-2019-3758

8.1HIGH

Key Information:

Vendor: Dell
Status: Rsa Archer
Vendor: CVE Published:; 18 September 2019

What is CVE-2019-3758?

RSA Archer software prior to version 6.6 P2 is susceptible to an improper authentication vulnerability. This flaw enables system administrators to create user accounts with inadequate credentials, resulting in potential unauthorized access by unauthenticated attackers. Attackers could exploit this weakness to gain inappropriate access to sensitive system functionalities.

Affected Version(s)

RSA Archer prior to 6.6 P2 (6.6.0.2)

References

https://community.rsa.com/docs/DOC-106759

x_refsource_MISC

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 18, 2019
Vulnerability Reserved
Jan 3, 2019

Dell

What is CVE-2019-3758?

Affected Version(s)

References

CVSS V3.1

Timeline