CVE-2019-3758

8.1HIGH

Key Information:

Vendor: Dell
Status: Rsa Archer
Vendor: CVE Published:; 18 September 2019

Summary

RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to create user accounts with insufficient credentials. Unauthenticated attackers could gain unauthorized access to the system using those accounts.

Affected Version(s)

RSA Archer prior to 6.6 P2 (6.6.0.2)

References

https://community.rsa.com/docs/DOC-106759

x_refsource_MISC

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 18, 2019
Vulnerability Reserved
Jan 3, 2019