CVE-2020-29536
MEDIUMRSA Archer < 6.6.0.8 - Authenticated Sensitive Information Exposure via Service File Path
Title source: llmDescription
Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability. A remote authenticated malicious attacker with access to service files may obtain sensitive information to use it in further attacks.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://www.rsa.com/en-us/company/vulnerability-response-policy
Vendor Advisory x_refsource_confirm
https://community.rsa.com/docs/DOC-115223
Scores
CVSS v3
4.3
EPSS
0.0054
EPSS Percentile
40.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-327
Status
published
Products (1)
rsa/archer
6.6 - 6.6.0.8
Published
Jan 29, 2021
Tracked Since
Feb 18, 2026