Vulnerabilities > RSA > Archer > 6.4.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-30 | CVE-2022-26951 | Cross-site Scripting vulnerability in RSA Archer Archer 6.x through 6.10 (6.10.0.0) contains a reflected XSS vulnerability. | 4.3 |
| 2021-05-26 | CVE-2021-29253 | Insufficiently Protected Credentials vulnerability in RSA Archer The Tableau integration in RSA Archer 6.4 P1 (6.4.0.1) through 6.9 P2 (6.9.0.2) is affected by an insecure credential storage vulnerability. | 2.1 |
| 2020-05-04 | CVE-2020-5337 | Open Redirect vulnerability in RSA Archer RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL redirection vulnerability. | 5.8 |
| 2020-05-04 | CVE-2020-5336 | Injection vulnerability in RSA Archer RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL injection vulnerability. | 5.8 |
| 2020-05-04 | CVE-2020-5335 | Cross-Site Request Forgery (CSRF) vulnerability in RSA Archer RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contain a cross-site request forgery vulnerability. | 6.8 |
| 2020-05-04 | CVE-2020-5334 | Cross-site Scripting vulnerability in RSA Archer RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contains a Document Object Model (DOM) based cross-site scripting vulnerability. | 4.3 |
| 2020-05-04 | CVE-2020-5333 | Incorrect Authorization vulnerability in RSA Archer RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an authorization bypass vulnerability in the REST API. | 4.0 |
| 2020-05-04 | CVE-2020-5332 | OS Command Injection vulnerability in RSA Archer RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain a command injection vulnerability. | 9.0 |
| 2020-05-04 | CVE-2020-5331 | Information Exposure vulnerability in RSA Archer RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information exposure vulnerability. | 2.1 |
| 2019-09-18 | CVE-2019-3758 | Weak Password Requirements vulnerability in RSA Archer RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. | 7.5 |