CVE-2023-37224

MEDIUM

Archer Platform < 6.13.0.1 - Authenticated Sensitive Information Exposure via Log Files

Title source: llm

Description

An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via the log files.

References (2)

Core 2

Core References

Product

https://archerirm.com

Vendor Advisory

https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362

Scores

CVSS v3 6.0

EPSS 0.0018

EPSS Percentile 7.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-532

Status published

Products (1)

archerirm/archer < 6.13.0.1

Published Jul 14, 2023

Tracked Since Feb 18, 2026