Lucene search

MitreCVELIST:CVE-2023-32760

HistoryJul 14, 2023 - 12:00 a.m.

CVE-2023-32760

2023-07-1400:00:00

mitre

www.cve.org

archer platform

api

data feeds

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

28.0%

JSON

An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via API calls related to data feeds and data publication.

References

www.archerirm.community/t5/product-advisories/archer-announces-availability-of-archer-release-6-13/ta-p/697821

www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

28.0%

JSON

Related for CVELIST:CVE-2023-32760