{"api_version":"1","generated_at":"2026-04-22T22:50:54+00:00","cve":"CVE-2022-30584","urls":{"html":"https://cve.report/CVE-2022-30584","api":"https://cve.report/api/cve/CVE-2022-30584.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-30584","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-30584"},"summary":{"title":"CVE-2022-30584","description":"Archer Platform 6.3 before 6.11 (6.11.0.0) contains an Improper Access Control Vulnerability within SSO ADFS functionality that could potentially be exploited by malicious users to compromise the affected system. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixed releases.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2022-05-26 20:15:00","updated_at":"2023-08-08 14:21:00"},"problem_types":["NVD-CWE-Other"],"metrics":[],"references":[{"url":"https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/677341","name":"https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/677341","refsource":"MISC","tags":[],"title":"Archer Update for Multiple Vulnerabilities - Archer Community - 677341","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.archerirm.community/t5/releases/tkb-p/releases","name":"https://www.archerirm.community/t5/releases/tkb-p/releases","refsource":"MISC","tags":[],"title":"Releases - Archer Community","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-30584","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-30584","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"30584","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"rsa","cpe5":"archer","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2022-30584","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Archer Platform 6.3 before 6.11 (6.11.0.0) contains an Improper Access Control Vulnerability within SSO ADFS functionality that could potentially be exploited by malicious users to compromise the affected system. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixed releases."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://www.archerirm.community/t5/releases/tkb-p/releases","refsource":"MISC","name":"https://www.archerirm.community/t5/releases/tkb-p/releases"},{"refsource":"MISC","name":"https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/677341","url":"https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/677341"}]},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:R","version":"3.1"}}},"nvd":{"publishedDate":"2022-05-26 20:15:00","lastModifiedDate":"2023-08-08 14:21:00","problem_types":["NVD-CWE-Other"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":9},"severity":"HIGH","exploitabilityScore":8,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:rsa:archer:*:*:*:*:*:*:*:*","versionStartIncluding":"6.10.0.0","versionEndExcluding":"6.10.0.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:rsa:archer:*:*:*:*:*:*:*:*","versionStartIncluding":"6.3","versionEndExcluding":"6.9.3.4","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}