CVE-2019-3758

Summary

RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to create user accounts with insufficient credentials. Unauthenticated attackers could gain unauthorized access to the system using those accounts.

Affected Software

VendorProductVersion RangeStatus
DellRSA Archerprior to 6.6 P2 (6.6.0.2)affected

Weaknesses

  • CWE-288: CWE-288: Authentication Bypass Using an Alternate Path or Channel

ADP Enrichment

CVE Program Container

Additional References

References