CVE-2022-30584 - Incorrect Authorization vulnerability in RSA Archer 6.10.0.0/6.10.0.1

CVSS 9.0 - CRITICAL

Attack vector: NETWORK
Attack complexity: LOW
Privileges required: SINGLE
Confidentiality impact: COMPLETE
Integrity impact: COMPLETE
Availability impact: COMPLETE

Tags: network, low complexity, rsa, CWE-863, critical

Summary

Archer Platform 6.3 before 6.11 (6.11.0.0) contains an Improper Access Control Vulnerability within SSO ADFS functionality that could potentially be exploited by malicious users to compromise the affected system. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixed releases.

Vulnerable Configurations

Part          Description   Count
Application   Rsa           3

Common Weakness Enumeration (CWE)