Shodan
Vulnerabilities
Vulnerable Software
Archerirm:  Security Vulnerabilities
CVE-2023-45357
Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a sensitive information disclosure vulnerability. An authenticated attacker could potentially obtain access to sensitive information via a popup warning message. 6.14 (6.14.0) is also a fixed release.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-10-17
CVE-2023-45358
Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a stored cross-site scripting (XSS) vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When victim users access the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application. 6.14 (6.14.0) is also a fixed release.
CVSS Score
8.5
EPSS Score
0.002
Published
2023-10-17
CVE-2023-37223
Cross Site Scripting (XSS) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows a remote authenticated attacker to execute arbitrary code via a crafted malicious script.
CVSS Score
5.4
EPSS Score
0.005
Published
2023-07-14
CVE-2023-37224
An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via the log files.
CVSS Score
6.0
EPSS Score
0.0
Published
2023-07-14
CVE-2023-32759
An issue in Archer Platform before v.6.13 and fixed in 6.12.0.6 and 6.13.0 allows an authenticated attacker to obtain sensitive information via a crafted URL.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-07-14
CVE-2023-32760
An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via API calls related to data feeds and data publication.
CVSS Score
7.7
EPSS Score
0.002
Published
2023-07-14
CVE-2023-32761
Cross Site Request Forgery (CSRF) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to execute arbitrary code via a crafted request.
CVSS Score
8.1
EPSS Score
0.003
Published
2023-07-14
CVE-2023-30639
Archer Platform 6.8 before 6.12 P6 HF1 (6.12.0.6.1) contains a stored XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. 6.11.P4 (6.11.0.4) is also a fixed release.
CVSS Score
7.1
EPSS Score
0.002
Published
2023-05-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved