Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-26948

CVSS 5.8 · Medium EPSS 0.26% · P49
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-26948

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Archer RSS feed integration for Archer 6.x through 6.9 SP1 (6.9.1.0) is affected by an insecure credential storage vulnerability. A malicious attacker may obtain access to credential information to use it in further attacks.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
RSA Archer安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
RSA Archer是英国RSA公司的一款企业IT治理和合规治理的产品,包括策略、风险和合规定义和管理。它能够把我们所有的企业资产,还有一些监测到的信息全部汇总,整理到统一的平台之上,给出具有业务层面参考的价值,以及一些操作的智能和综合的管理。 Archer 6.x版本至6.9 SP1 (6.9.1.0)版本存在安全漏洞,该漏洞源于Archer RSS源 集成受到不安全凭证存储漏洞的影响。攻击者利用该漏洞获得对凭证信息的访问权,以便在进一步的攻击中使用它。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2022-26948

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2022-26948

登录查看更多情报信息。

Same Patch Batch · n/a · 2022-03-29 · 37 CVEs total

CVE-2022-269516.5 MEDIUMRSA Archer 跨站脚本漏洞
CVE-2022-269476.3 MEDIUMRSA Archer跨站脚本漏洞
CVE-2022-269505.4 MEDIUMRSA Archer 输入验证错误漏洞
CVE-2022-269495.3 MEDIUMRSA Archer 安全漏洞
CVE-2022-239375.3 MEDIUMWind River VxWorks 缓冲区错误漏洞
CVE-2022-26244Sourcecodester Hospital Patient Records Management System 跨站脚本漏洞
CVE-2021-42970cxuucms跨站脚本漏洞
CVE-2022-22948VMware vCenter Server 安全漏洞
CVE-2022-1122OpenJPEG 安全漏洞
CVE-2021-43109PuneethReddyHc Online Shopping System Advanced SQL注入漏洞
CVE-2021-43110PuneethReddyHc Online Shopping System Advanced 访问控制错误漏洞
CVE-2021-42911Draytek多款产品格式化字符串错误漏洞
CVE-2021-43118多款 DrayTek Vigor 产品命令注入漏洞
CVE-2021-44082Textpattern CMS 跨站脚本漏洞
CVE-2021-44081Open5Gs 缓冲区错误漏洞
CVE-2015-3298Yubico ykneo-openpgp 数据伪造问题漏洞
CVE-2022-27815SWHKD 后置链接漏洞
CVE-2022-27432Pluck 跨站请求伪造漏洞
CVE-2021-41594RSA Archer 安全漏洞
CVE-2021-44581Kreado Kreasfero SQL注入漏洞

Showing top 20 of 37 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2022-26948

No comments yet

Leave a comment