CVE-2021-29253

MEDIUM

RSA Archer < 6.6.0.8 - Insufficiently Protected Credentials

Title source: rule

Description

The Tableau integration in RSA Archer 6.4 P1 (6.4.0.1) through 6.9 P2 (6.9.0.2) is affected by an insecure credential storage vulnerability. An malicious attacker with access to the Tableau workbook file may obtain access to credential information to use it in further attacks.

References (2)

[Vendor Advisory] https://community.rsa.com/t5/archer-product-advisories/rsa-2021-04-archer-an-rsa-business-update-for-multiple/ta-p/603223

[Vendor Advisory] https://www.rsa.com/en-us/company/vulnerability-response-policy

Scores

CVSS v3 5.1

EPSS 0.0005

EPSS Percentile 15.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-522

Status published

Affected Products (1)

rsa/archer < 6.6.0.8

Timeline

Published May 26, 2021

Tracked Since Feb 18, 2026