Vulnerabilities > EMC > RSA Archer GRC

DATE CVE VULNERABILITY TITLE RISK
2015-09-26 CVE-2015-4543 Information Exposure vulnerability in EMC RSA Archer GRC 5.5.0/5.5.1/5.5.2
EMC RSA Archer GRC 5.x before 5.5.3 uses cleartext for stored passwords in unspecified circumstances, which allows remote authenticated users to obtain sensitive information by reading database fields.
network
low complexity
emc CWE-200
4.0
4.0
2015-09-26 CVE-2015-4542 Permissions, Privileges, and Access Controls vulnerability in EMC RSA Archer GRC 5.5.0/5.5.1/5.5.2
EMC RSA Archer GRC 5.x before 5.5.3 allows remote authenticated users to bypass intended access restrictions, and read or modify Discussion Forum Fields messages, via unspecified vectors.
network
low complexity
emc CWE-264
6.5
6.5
2015-09-26 CVE-2015-4541 Cross-site Scripting vulnerability in EMC RSA Archer GRC 5.5.0/5.5.1/5.5.2
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.5.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
emc CWE-79
3.5
3.5