CVE-2024-49209 - Incorrect Authorization vulnerability in Archerirm Archer 2024.03/2024.04/2024.06

047910
CVSS 4.3 - MEDIUM
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: LOW
Confidentiality impact: NONE
Integrity impact: LOW
Availability impact: NONE
Tags: network, low complexity, archerirm, CWE-863

Summary

Archer Platform 2024.03 before version 2024.09 is affected by an API authorization bypass vulnerability related to supporting application files. A remote unprivileged attacker could potentially exploit this vulnerability to elevate their privileges and upload additional system icons.

Vulnerable Configurations

Part         Description  Count
Application  Archerirm    3

Common Weakness Enumeration (CWE)