CVE-2023-48641

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 12, 2023

Updated: Dec 15, 2023

CWE ID 639

Summary

CVE-2023-48641 is a vulnerability affecting Archer Platform version 6.x before 6.14 P1 HF2 (6.14.0.1.2). This issue involves an insecure direct object reference, allowing authenticated attackers in multi-instance installations to manipulate application resource references in user requests. By bypassing authorization checks, they can potentially gain execute access to AWF application resources.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Archer Integrated Risk Management

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tcXXdL
https://www.cve.org/CVERecord?id=CVE-2023-48641
https://nvd.nist.gov/vuln/detail/CVE-2023-48641

Back to Vulnerability Database

CVE-2023-48641

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations