CVE-2024-26310

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Feb 21, 2024

Updated: Feb 22, 2024

CWE ID 284

Summary

CVE-2024-26310 is a newly disclosed cybersecurity vulnerability affecting Archer Platform version 6.8 before 6.14 P2 (6.14.0.2). This issue involves an improper access control problem. Authenticated attackers can misuse this weakness to unauthorizedly access sensitive API information that is typically restricted to users with elevated privileges. This vulnerability poses a significant risk and requires immediate attention from Archer Platform users to apply the necessary patches or updates.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

RSA Archer GRC

Affected Vendors

RSA Security

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ukg35J
https://www.cve.org/CVERecord?id=CVE-2024-26310
https://nvd.nist.gov/vuln/detail/CVE-2024-26310

Back to Vulnerability Database