PT-2023-30866 · RSA · Archer Platform

Published: 2023-12-12 · Updated: 2024-10-09 · CVE-2023-48641

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Archer Platform versions 6.x through 6.14 P1 HF2 (6.14.0.1.2)
Description: An authenticated malicious user in a multi-instance installation could potentially exploit this issue by manipulating application resource references in user requests to bypass authorization checks and gain execute access to AWF application resources.
Recommendations: For Archer Platform versions 6.x through 6.14 P1 HF2 (6.14.0.1.2), update to version 6.14 P1 HF2 (6.14.0.1.2) or later to resolve the issue.

Fix

IDOR

Weakness Enumeration

Related Identifiers: CVE-2023-48641

Affected Products: Archer Platform