CVE-2025-27893
11.03.2025, 09:15
In Archer Platform 6 through 6.14.00202.10024, an authenticated user with record creation privileges can manipulate immutable fields, such as the creation date, by intercepting and modifying a Copy request via a GenericContent/Record.aspx?id= URI. This enables unauthorized modification of system-generated metadata, compromising data integrity and potentially impacting auditing, compliance, and security controls.Enginsight
Vendor | Product | Version |
---|---|---|
archerirm | archer | 6.0.0.0 ≤ 𝑥 ≤ 6.14.00202.10024 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration