CVE-2024-26309

Published: Mar 8, 2024Modified: Mar 26, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Archer Platform 6.x before 6.14 P2 HF2 (6.14.0.2.2) contains a sensitive information disclosure vulnerability. An unauthenticated attacker could potentially obtain access to sensitive information via an internal URL.

Affected (1)

Products: Archerirm: Archer

Archerirm

1 product

Archer

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Archerirm Archer	From 6.3.0.0 to 6.14.0.2.2

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

https://archerirm.com

Source: cve@mitre.org

Product

https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/717102

Source: cve@mitre.org

Not Applicable

https://archerirm.com

Source: af854a3a-2127-422b-91ae-364da2661108

Product

https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/717102

Source: af854a3a-2127-422b-91ae-364da2661108

Not Applicable

Timeline

No history available yet.