Vulnerability Details CVE-2019-3758
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to create user accounts with insufficient credentials. Unauthenticated attackers could gain unauthorized access to the system using those accounts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.5%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 7.5
Products affected by CVE-2019-3758
-
cpe:2.3:a:rsa:archer:6.1
-
cpe:2.3:a:rsa:archer:6.1.0.0
-
cpe:2.3:a:rsa:archer:6.1.0.3
-
cpe:2.3:a:rsa:archer:6.2
-
cpe:2.3:a:rsa:archer:6.3
-
cpe:2.3:a:rsa:archer:6.4
-
cpe:2.3:a:rsa:archer:6.4.0.1
-
cpe:2.3:a:rsa:archer:6.4.0.2
-
cpe:2.3:a:rsa:archer:6.5