exploitDog

CVE-2024-26310

Опубликовано: 21 фев. 2024

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

Archer Platform 6.8 before 6.14 P2 (6.14.0.2) contains an improper access control vulnerability. A remote authenticated malicious user could potentially exploit this to gain access to API information that should only be accessible with extra privileges.

Ссылки

https://archerirm.com
Product
https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/716134
Vendor Advisory
https://archerirm.com
Product
https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/716134
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:archerirm:archer:*:*:*:*:*:*:*:*

Версия до 6.14.0.2 (исключая)

EPSS

Процентиль: 36%

0.00153

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-284

Связанные уязвимости

GHSA-pxqq-9cx5-7w7f

CVSS3: 4.3

github

почти 2 года назад

Archer Platform 6.8 before 6.14 P2 (6.14.0.2) contains an improper access control vulnerability. A remote authenticated malicious user could potentially exploit this to gain access to API information that should only be accessible with extra privileges.

EPSS

Процентиль: 36%

0.00153

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-284