Vulnerability Details CVE-2023-32760
An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via API calls related to data feeds and data publication.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.5%
CVSS Severity
CVSS v3 Score 7.7
References
- https://www.archerirm.community/t5/product-advisories/archer-announces-availability-of-archer-release-6-13/ta-p/697821
- https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362
- https://www.archerirm.community/t5/product-advisories/archer-announces-availability-of-archer-release-6-13/ta-p/697821
- https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362
Products affected by CVE-2023-32760
-
cpe:2.3:a:archerirm:archer:-
-
cpe:2.3:a:archerirm:archer:6.10.0.3
-
cpe:2.3:a:archerirm:archer:6.11.0.4
-
cpe:2.3:a:archerirm:archer:6.12.0.0
-
cpe:2.3:a:archerirm:archer:6.3.0.0
-
cpe:2.3:a:archerirm:archer:6.8.0.0
-
cpe:2.3:a:archerirm:archer:6.9.3.4