Vulnerabilities > RSA

DATE CVE VULNERABILITY TITLE RISK
2022-03-30 CVE-2022-26947 Cross-site Scripting vulnerability in RSA Archer
Archer 6.x through 6.9 SP3 (6.9.3.0) contains a reflected XSS vulnerability.
network
low complexity
rsa CWE-79
5.4
2022-03-30 CVE-2022-26948 Insufficiently Protected Credentials vulnerability in RSA Archer
The Archer RSS feed integration for Archer 6.x through 6.9 SP1 (6.9.1.0) is affected by an insecure credential storage vulnerability.
network
low complexity
rsa CWE-522
7.5
2022-03-30 CVE-2022-26949 Unspecified vulnerability in RSA Archer
Archer 6.x through 6.9 SP2 P1 (6.9.2.1) contains an improper access control vulnerability on attachments.
network
low complexity
rsa
6.5
2022-03-30 CVE-2022-26950 Open Redirect vulnerability in RSA Archer
Archer 6.x through 6.9 P2 (6.9.0.2) is affected by an open redirect vulnerability.
network
low complexity
rsa CWE-601
6.1
2022-03-30 CVE-2022-26951 Cross-site Scripting vulnerability in RSA Archer
Archer 6.x through 6.10 (6.10.0.0) contains a reflected XSS vulnerability.
network
low complexity
rsa CWE-79
6.1
2021-05-26 CVE-2021-29252 Cross-site Scripting vulnerability in RSA Archer
RSA Archer before 6.9 SP1 P1 (6.9.1.1) contains a stored XSS vulnerability.
network
low complexity
rsa CWE-79
5.4
2021-05-26 CVE-2021-29253 Insufficiently Protected Credentials vulnerability in RSA Archer
The Tableau integration in RSA Archer 6.4 P1 (6.4.0.1) through 6.9 P2 (6.9.0.2) is affected by an insecure credential storage vulnerability.
local
low complexity
rsa CWE-522
5.5
2021-01-29 CVE-2020-29538 Unspecified vulnerability in RSA Archer
Archer before 6.9 P1 (6.9.0.1) contains an improper access control vulnerability in an API.
network
low complexity
rsa
4.9
2021-01-29 CVE-2020-29537 Open Redirect vulnerability in RSA Archer
Archer before 6.8 P2 (6.8.0.2) is affected by an open redirect vulnerability.
network
low complexity
rsa CWE-601
5.4
2021-01-29 CVE-2020-29536 Use of a Broken or Risky Cryptographic Algorithm vulnerability in RSA Archer
Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability.
network
low complexity
rsa CWE-327
4.3