CVE-2018-11060

RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious…

dell·NVD-CWE-noinfo·Published 2018-07-24

CVSS

—

EPSS

0.03

KEV

Exploits

cve.orgen

220 chars

RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerability to elevate their privileges.

NVDen

220 chars

NVDes

235 chars

RSA Archer, en versiones anteriores a la 6.4.0.1, contiene una vulnerabilidad de omisión de autorización en la API REST. Un usuario autenticado remoto malicioso de Archer podría explotar esta vulnerabilidad para elevar sus privilegios.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.5	8.0	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P
3.0	Primary	cve.org	8.8	—	—	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H