Rsa Archer_grc_platform

7 CVEs affecting Rsa Archer_grc_platform. Latest disclosed: 2019-03-13. Critical: 0, High: 2.

Top CVEs affecting Rsa Archer_grc_platform
CVESeverityScorePublishedSummary
CVE-2019-3716High7.82019-03-13RSA Archer versions, prior to 6.5 SP2, contain an information exposure vulnerability. The database connection password may get logged in plain text in the RSA…
CVE-2019-3715High7.82019-03-13RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users' session information is logged in plain text in the RSA Archer log…
CVE-2017-14372Medium6.12017-10-11RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting vulnerabilities via certain RSA Archer Help pages. Attackers could poten…
CVE-2017-14371Medium6.12017-10-11RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting via the request URL. Attackers could potentially exploit this to execute…
CVE-2017-14370Medium5.42017-10-11RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Source Asset ID field. An authenticated attacker may potentially ex…
CVE-2018-15780Medium4.32019-01-03RSA Archer versions prior to 6.5.0.1 contain an improper access control vulnerability. A remote malicious user could potentially exploit this vulnerability to…
CVE-2017-14369Medium4.32017-10-11RSA Archer GRC Platform prior to 6.2.0.5 is affected by a privilege escalation vulnerability. A low privileged RSA Archer user may potentially exploit this vul…