CVE-2021-29253

Published: May 26, 2021Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

The Tableau integration in RSA Archer 6.4 P1 (6.4.0.1) through 6.9 P2 (6.9.0.2) is affected by an insecure credential storage vulnerability. An malicious attacker with access to the Tableau workbook file may obtain access to credential information to use it in further attacks.

Affected (4)

Products: Rsa: Archer

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Rsa Archer	From 6.4 to 6.6.0.8
Rsa Archer	From 6.7 to 6.7.0.8
Rsa Archer	From 6.8 to 6.8.0.5
Rsa Archer	From 6.9 to 6.9.0.2

Related CWEs

Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References (4)

https://community.rsa.com/t5/archer-product-advisories/rsa-2021-04-archer-an-rsa-business-update-for-multiple/ta-p/603223

Source: cve@mitre.org

Vendor Advisory

https://www.rsa.com/en-us/company/vulnerability-response-policy

Source: cve@mitre.org

Vendor Advisory

https://community.rsa.com/t5/archer-product-advisories/rsa-2021-04-archer-an-rsa-business-update-for-multiple/ta-p/603223

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.rsa.com/en-us/company/vulnerability-response-policy

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.