CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-49209

Archer Platform 2024.03 before version 2024.09 is affected by an API authorization bypass vulnerability related to supporting application files. A remote unprivileged attacker could potentially exploit this vulnerability to elevate their privileges and upload additional system icons.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.7%

CVSS Severity

CVSS v3 Score 6.5

References

https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/747545
https://www.archerirm.community/t5/platform-announcements/tkb-p/product-advisories-tkb

Products affected by CVE-2024-49209

Archerirm » Archer » Version: 2024.03

cpe:2.3:a:archerirm:archer:2024.03
Archerirm » Archer » Version: 2024.04

cpe:2.3:a:archerirm:archer:2024.04
Archerirm » Archer » Version: 2024.06

cpe:2.3:a:archerirm:archer:2024.06
Archerirm » Archer » Version: 2024.08

cpe:2.3:a:archerirm:archer:2024.08

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-49209

Products

Pricing

Contact Us