CVE-2020-29538 MEDIUM

CVE-2020-29538

Vendor N/A
Product n/a
Published January 29, 2021
Last update August 4, 2024

CVSS base score

4.9/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AC:L/AV:N/A:N/C:N/I:H/PR:H/S:U/UI:N

What the vulnerability does

01Description

Archer before 6.9 P1 (6.9.0.1) contains an improper access control vulnerability in an API. A remote authenticated malicious administrative user can potentially exploit this vulnerability to gather information about the system, and may use this information in subsequent attacks.

Key dates

02Disclosure timeline

January 29, 2021 CVE published
August 4, 2024 Record updated