Approved changes feed: RSS · Atom
cpe:2.3:a:rsa:archer:6.4.0.0:*:*:*:*:*:*:*
part: a version: 6.4.0.0 update: *
| Vendor | Rsa (6c9430aa-ac8c-5ac3-900a-ccfffd5a25d5) |
|---|---|
| Product | Archer (5b637ddf-334c-56ef-8500-0c010bb2ded7) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2018-11060 |
vulnerable | 2026-06-03 14:38:00.809096 |
Details available
HIGH (8.8)
RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerability to elevate their privileges.
Published: 2018-07-24T19:00:00.000Z
Updated: 2024-09-16T16:58:13.454Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-11059 |
vulnerable | 2026-06-03 14:38:00.808597 |
Details available
HIGH (8.2)
RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When application users access the corrupted data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application.
Published: 2018-07-24T19:00:00.000Z
Updated: 2024-09-16T19:14:28.788Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.