PT-2021-18148 · Rsa+1 · Rsa Archer+1

Published

2021-05-26

Updated

2021-06-04

CVE-2021-29253

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: RSA Archer versions 6.4.0.1 through 6.9.0.2

Description: The Tableau integration in RSA Archer is affected by an insecure credential storage issue. A malicious attacker with access to the Tableau workbook file may obtain access to credential information to use it in further attacks.

Recommendations: For RSA Archer versions 6.4.0.1 through 6.9.0.2, consider restricting access to the Tableau workbook file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522

Related Identifiers

CVE-2021-29253

Affected Products

Rsa Archer

Tableau

PT-2021-18148 · Rsa+1 · Rsa Archer+1

CVE-2021-29253

Weakness Enumeration

Related Identifiers

Affected Products

References · 5