CVE CVE-2019-3758 Mappings

RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to create user accounts with insufficient credentials. Unauthenticated attackers could gain unauthorized access to the system using those accounts.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2019-3758 RSA Archer primary_impact T1190 Exploit Public-Facing Application
CVE-2019-3758 RSA Archer secondary_impact T1136 Create Account