CVE-2023-32759

HIGH

Archer < 6.12.0.6 - Exposure to Wrong Actor

Title source: rule

Description

An issue in Archer Platform before v.6.13 and fixed in 6.12.0.6 and 6.13.0 allows an authenticated attacker to obtain sensitive information via a crafted URL.

References (2)

[Release Notes] https://www.archerirm.community/t5/product-advisories/archer-announces-availability-of-archer-release-6-13/ta-p/697821

[Vendor Advisory] https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362

Scores

CVSS v3 7.5

EPSS 0.0017

EPSS Percentile 38.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-668

Status published

Affected Products (1)

archerirm/archer < 6.12.0.6

Timeline

Published Jul 14, 2023

Tracked Since Feb 18, 2026