Rsa Archer_grc_platform
7 CVEs affecting Rsa Archer_grc_platform. Latest disclosed: 2019-03-13. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-3716 | High | 7.8 | 2019-03-13 | RSA Archer versions, prior to 6.5 SP2, contain an information exposure vulnerability. The database connection password may get logged in plain text in the RSA… |
CVE-2019-3715 | High | 7.8 | 2019-03-13 | RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users' session information is logged in plain text in the RSA Archer log… |
CVE-2017-14372 | Medium | 6.1 | 2017-10-11 | RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting vulnerabilities via certain RSA Archer Help pages. Attackers could poten… |
CVE-2017-14371 | Medium | 6.1 | 2017-10-11 | RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting via the request URL. Attackers could potentially exploit this to execute… |
CVE-2017-14370 | Medium | 5.4 | 2017-10-11 | RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Source Asset ID field. An authenticated attacker may potentially ex… |
CVE-2018-15780 | Medium | 4.3 | 2019-01-03 | RSA Archer versions prior to 6.5.0.1 contain an improper access control vulnerability. A remote malicious user could potentially exploit this vulnerability to… |
CVE-2017-14369 | Medium | 4.3 | 2017-10-11 | RSA Archer GRC Platform prior to 6.2.0.5 is affected by a privilege escalation vulnerability. A low privileged RSA Archer user may potentially exploit this vul… |