CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 5CVE-2022-47529 – RSA NetWitness Platform 12.2 - Incorrect Access Control / Code Execution
https://notcve.org/view.php?id=CVE-2022-47529
Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protection features via ACL modification. RSA NetWitness Endpoint EDR Agent version 12.x suffers from incorrect access controls that allow for code execution. It allows local users to stop the Endpoint Windows agent from sending the events to a SIEM or make the agent run user-supplied commands. • https://www.exploit-db.com/exploits/51336 https://github.com/hyp3rlinx/CVE-2022-47529 http://seclists.org/fulldisclosure/2023/Mar/26 http://seclists.org/fulldisclosure/2024/Apr/17 https://community.netwitness.com/t5/netwitness-platform-security/nw-2023-04-netwitness-platform-security-advisory-cve-2022-47529/ta-p/696935 https://hyp3rlinx.altervista.org/advisories/RSA_NETWITNESS_EDR_AGENT_INCORRECT_ACCESS_CONTROL_CVE-2022-47529.txt https://packetstormsecurity.com/files/171476/RSA-NetWitness-Endpoint-EDR-Agent •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-37316
https://notcve.org/view.php?id=CVE-2022-37316
Archer Platform 6.8 before 6.11 P3 (6.11.0.3) contains an improper API access control vulnerability in a multi-instance system that could potentially present unauthorized metadata to an authenticated user of the affected system. 6.10 P3 HF1 (6.10.0.3.1) is also a fixed release. Archer Platform versiones 6.8 anteriores a 6.11 P3 (6.11.0.3) contiene una vulnerabilidad de control de acceso a la API inapropiado en un sistema multi instancia que podría presentar metadatos no autorizados a un usuario autenticado del sistema afectado. 6.10 P3 HF1 (6.10.0.3.1) también es una versión corregida. • https://archerirm.com https://www.archerirm.community/t5/security-advisories/archer-update-for-improper-access-control/ta-p/682059 •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-37318
https://notcve.org/view.php?id=CVE-2022-37318
Archer Platform 6.9 SP2 P2 before 6.11 P3 (6.11.0.3) contain a reflected XSS vulnerability. A remote unauthenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious JavaScript code to the vulnerable web application. This code is then reflected to the victim and gets executed by the web browser in the context of the vulnerable web application. 6.10 P4 (6.10.0.4) and 6.11 P2 HF4 (6.11.0.2.4) are also fixed releases. Archer Platform versiones 6.9 SP2 P2 anteriores a 6.11 P3 (6.11.0.3) contiene una vulnerabilidad de tipo XSS reflejado. Un usuario remoto no autenticado de Archer podría explotar esta vulnerabilidad al engañar a un usuario de la aplicación víctima para que suministre código JavaScript malicioso a la aplicación web vulnerable. • https://archerirm.com https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/682060 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2022-37317
https://notcve.org/view.php?id=CVE-2022-37317
Archer Platform 6.x before 6.11 P3 contain an HTML injection vulnerability. An authenticated remote attacker could potentially exploit this vulnerability by tricking a victim application user to execute malicious code in the context of the web application. 6.10 P4 (6.10.0.4) and 6.11 P2 HF4 (6.11.0.2.4) are also fixed releases. Archer Platform versiones 6.x anteriores a 6.11 P3 contiene una vulnerabilidad de inyección de HTML. Un atacante remoto autenticado podría explotar potencialmente esta vulnerabilidad al engañar a un usuario de la aplicación víctima para ejecutar código malicioso en el contexto de la aplicación web. Las versiones 6.10 P4 (6.10.0.4) y 6.11 P2 HF4 (6.11.0.2.4) también están corregidas. • https://archerirm.com https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/682060 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-33615
https://notcve.org/view.php?id=CVE-2021-33615
RSA Archer 6.8.00500.1003 P5 allows Unrestricted Upload of a File with a Dangerous Type. RSA Archer versión 6.8.00500.1003 P5, permite una Carga sin Restricciones de un Archivo con un Tipo Peligroso • https://community.rsa.com/t5/archer-product-advisories/tkb-p/archer-product-advisories https://github.com/fireeye/Vulnerability-Disclosures https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0027/MNDT-2022-0027.md • CWE-434: Unrestricted Upload of File with Dangerous Type •