Vulnerabilities > CVE-2014-2505 - Remote Code Execution vulnerability in EMC RSA Archer Egrc 5.3/5.4/5.5

CVSS 5.4 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

emc

NVD

Published: 2014-08-20

Updated: 2017-08-29

Summary

EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Emc EMC RSA Archer Egrc 5.3 EMC RSA Archer Egrc 5.4 EMC RSA Archer Egrc 5.5	4

References

http://archives.neohapsis.com/archives/bugtraq/2014-08/0097.html
http://www.securityfocus.com/bid/69290
http://www.securitytracker.com/id/1030738
https://exchange.xforce.ibmcloud.com/vulnerabilities/95360