← Retour aux CVEs
CVE-2023-48641
HIGH7.5
Description
Archer Platform 6.x before 6.14 P1 HF2 (6.14.0.1.2) contains an insecure direct object reference vulnerability. An authenticated malicious user in a multi-instance installation could potentially exploit this vulnerability by manipulating application resource references in user requests to bypass authorization checks, in order to gain execute access to AWF application resources.
Details CVE
Score CVSS v3.17.5
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:L
Vecteur d'attaqueNETWORK
ComplexiteHIGH
Privileges requisHIGH
Interaction utilisateurREQUIRED
Publie12/12/2023
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
archerirm:archer
Faiblesses (CWE)
CWE-639CWE-639
References
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.