Lucene search

[email protected]NVD:CVE-2023-32760

HistoryJul 14, 2023 - 6:15 p.m.

CVE-2023-32760

2023-07-1418:15:09

CWE-668

[email protected]

web.nvd.nist.gov

archer platform

v6.12.0.6

v6.13.0

sensitive information exposure

api calls

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

28.0%

JSON

An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via API calls related to data feeds and data publication.

Affected configurations

Nvd

Node

archerirmarcherRange<6.12.0.6

VendorProductVersionCPE
archerirmarcher*cpe:2.3:a:archerirm:archer:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
archerirm	archer	*	cpe:2.3:a:archerirm:archer::::::::

References

www.archerirm.community/t5/product-advisories/archer-announces-availability-of-archer-release-6-13/ta-p/697821

www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

28.0%

JSON

Related for NVD:CVE-2023-32760

prion1 cve1 cvelist1