Maarch RM is an electronic archiving system from Maarch Inc. Streamline your authentication process, science and technical control in an efficient and optimized manner.An information disclosure vulnerability exists in Maarch RM 2.8 and later, versions prior to 2.8.6, and 2.9. The vulnerability stems from the fact that when accessing certain specific documents (pdf, email) from an archive, the application suggests a preview that generates a URL containing an md5 hash of the accessed file with no access rights verification. An attacker could exploit the vulnerability to obtain sensitive information.
CPE | Name | Operator | Version |
---|---|---|---|
maarch maarch rm >=2.8, | lt | 2.8.6 | |
maarch maarch rm | eq | 2.9 |