CVE-2019-3758

RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to create user accounts with insufficient credentials. Unauthenticated attackers could gain unauthorized access to the system using those accounts.
References
Link Resource
https://community.rsa.com/docs/DOC-106759 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:rsa:archer:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-09-18 23:15

Updated : 2024-02-28 17:08


NVD link : CVE-2019-3758

Mitre link : CVE-2019-3758

CVE.ORG link : CVE-2019-3758


JSON object : View

Products Affected

rsa

  • archer
CWE
CWE-521

Weak Password Requirements

CWE-288

Authentication Bypass Using an Alternate Path or Channel