PT-2019-16695 · Rsa · Rsa Archer

Published

2019-09-18

Updated

2020-08-31

CVE-2019-3756

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions RSA Archer versions prior to 6.6 P3 (6.6.0.3)

Description The issue allows information related to the backend database to be disclosed to low-privileged users' UI under certain error conditions.

Recommendations For versions prior to 6.6 P3 (6.6.0.3), update to version 6.6 P3 (6.6.0.3) or later to resolve the issue.

Fix

Information Disclosure

Generation of Error Message Containing Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-209

Related Identifiers

CVE-2019-3756

Affected Products

Rsa Archer

PT-2019-16695 · Rsa · Rsa Archer

CVE-2019-3756

Weakness Enumeration

Related Identifiers

Affected Products

References · 3