Insecure Credential Storage in RSA Archer by Tableau Integration
CVE-2021-29253

5.1MEDIUM

Key Information:

Vendor: Rsa
Status: Archer
Vendor: CVE Published:; 26 May 2021

Summary

The Tableau integration within RSA Archer versions 6.4 P1 through 6.9 P2 is prone to an insecure credential storage issue. This vulnerability allows an attacker with access to the Tableau workbook file to extract sensitive credential information. The compromised credentials can potentially be leveraged for unauthorized access to other resources, posing significant risks to data integrity and security. It is crucial for users of affected RSA Archer versions to take immediate actions to secure their systems and mitigate potential security threats.

References

https://www.rsa.com/en-us/company/vulnerability-response-...

x_refsource_MISC

https://community.rsa.com/t5/archer-product-advisories/rs...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 26, 2021
Vulnerability Reserved
Mar 26, 2021