CVE-2021-29253
Published May 26, 2021
Last updated 3 years ago
Overview
- Description
- The Tableau integration in RSA Archer 6.4 P1 (6.4.0.1) through 6.9 P2 (6.9.0.2) is affected by an insecure credential storage vulnerability. An malicious attacker with access to the Tableau workbook file may obtain access to credential information to use it in further attacks.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-522
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rsa:archer:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC7F0829-9814-43F2-B43A-347EF6FA5614",
"versionEndExcluding": "6.6.0.8",
"versionStartIncluding": "6.4"
},
{
"criteria": "cpe:2.3:a:rsa:archer:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D6A7FD0-CF21-4B3D-8E75-A9E602DA6E80",
"versionEndExcluding": "6.7.0.8",
"versionStartIncluding": "6.7"
},
{
"criteria": "cpe:2.3:a:rsa:archer:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DCFDCA11-635C-4362-9333-20496E12395E",
"versionEndExcluding": "6.8.0.5",
"versionStartIncluding": "6.8"
},
{
"criteria": "cpe:2.3:a:rsa:archer:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "284AC9E9-E98F-44C9-AA0D-005BEB5EF4F2",
"versionEndExcluding": "6.9.0.2",
"versionStartIncluding": "6.9"
}
],
"operator": "OR"
}
]
}
]