- Description
- In Archer Platform 6 through 6.14.00202.10024, an authenticated user with record creation privileges can manipulate immutable fields, such as the creation date, by intercepting and modifying a Copy request via a GenericContent/Record.aspx?id= URI. This enables unauthorized modification of system-generated metadata, compromising data integrity and potentially impacting auditing, compliance, and security controls.
- Source
- cve@mitre.org
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 1.8
- Impact score
- 1.4
- Exploitability score
- 0.4
- Vector string
- CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N
- Severity
- LOW
- cve@mitre.org
- CWE-472
- Hype score
- Not currently trending