← voltar
CVE-2023-48641

CVE-2023-48641

CVSS 7.5 HIGHEPSS 0.5%CWE-639
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.5EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
12 dez 2023Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Archer Platform 6.x before 6.14 P1 HF2 (6.14.0.1.2) contains an insecure direct object reference vulnerability. An authenticated malicious user in a multi-instance installation could potentially exploit this vulnerability by manipulating application resource references in user requests to bypass authorization checks, in order to gain execute access to AWF application resources.
CVSS:3.1/AC:H/AV:N/A:L/C:H/I:H/PR:H/S:C/UI:R
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/711859