CVE-2019-3758 : Security Advisory and Response

Learn about CVE-2019-3758 affecting RSA Archer versions prior to 6.6 P2 (6.6.0.2). Discover the impact, technical details, and mitigation steps for this high-severity vulnerability.

RSA Archer versions prior to 6.6 P2 (6.6.0.2) have an improper authentication vulnerability that allows unauthorized access to the system.

Understanding CVE-2019-3758

This CVE is an authentication bypass vulnerability in RSA Archer versions prior to 6.6 P2 (6.6.0.2). The vendor is Dell.

What is CVE-2019-3758?

        The vulnerability in RSA Archer allows system administrators to create user accounts with weak credentials, enabling unauthenticated attackers to gain unauthorized access.

The Impact of CVE-2019-3758

        CVSS Score: 8.1 (High)
        Severity: High
        Attack Vector: Network
        Confidentiality Impact: High
        Integrity Impact: High
        Availability Impact: High
        Attack Complexity: High
        Privileges Required: None
        User Interaction: None
        Scope: Unchanged

Technical Details of CVE-2019-3758

RSA Archer versions prior to 6.6 P2 (6.6.0.2) are affected by an authentication bypass vulnerability.

Vulnerability Description

        The vulnerability allows system administrators to create user accounts with insufficient credentials, leading to unauthorized access by attackers.

Affected Systems and Versions

        Affected Product: RSA Archer
        Vendor: Dell
        Affected Versions: Prior to 6.6 P2 (6.6.0.2)

Exploitation Mechanism

        Attackers exploit the improper authentication by using user accounts that were created with weak credentials, bypassing the system's security measures.

Mitigation and Prevention

Immediate action is crucial to mitigate the risks posed by CVE-2019-3758.

Immediate Steps to Take

        Update RSA Archer to version 6.6 P2 (6.6.0.2) or later to patch the vulnerability.
        Monitor user accounts for any unauthorized access or suspicious activities.

Long-Term Security Practices

        Implement strong password policies and multi-factor authentication to enhance system security.
        Regularly review and update access controls to prevent unauthorized account creation.

Patching and Updates

        Stay informed about security updates and patches released by Dell for RSA Archer to address vulnerabilities.
