| |
Vulnerability CVE-2019-3758
Published: 2019-09-18 Modified: 2019-09-19
Description: |
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to create user accounts with insufficient credentials. Unauthenticated attackers could gain unauthorized access to the system using those accounts. |
Type:
CWE-287 (Improper Authentication)
CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.5/10 |
6.4/10 |
10/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
https://www.dell.com/support/security/en-us/details/DOC-106759/DSA-2019-127-RSA-Archer-Security-Update-for-Multiple-Vulnerabilities
|
|
|
Copyright 2024, cxsecurity.com
|
|
|