Lucene search

MitreCVELIST:CVE-2022-30584

HistoryMay 26, 2022 - 7:18 p.m.

CVE-2022-30584

2022-05-2619:18:55

mitre

www.cve.org

archer platform

improper access control

sso adfs

vulnerability

malicious users

compromise

CVSS3

9.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.001

Percentile

36.9%

JSON

Archer Platform 6.3 before 6.11 (6.11.0.0) contains an Improper Access Control Vulnerability within SSO ADFS functionality that could potentially be exploited by malicious users to compromise the affected system. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixed releases.

References

www.archerirm.community/t5/releases/tkb-p/releases

www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/677341

CVSS3

9.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.001

Percentile

36.9%

JSON

Related for CVELIST:CVE-2022-30584