Vulnerabilities > RSA > Archer GRC Platform

DATE CVE VULNERABILITY TITLE RISK
2019-03-13 CVE-2019-3716 Information Exposure Through Log Files vulnerability in RSA Archer GRC Platform
RSA Archer versions, prior to 6.5 SP2, contain an information exposure vulnerability.
local
low complexity
rsa CWE-532
7.8
7.8
2019-03-13 CVE-2019-3715 Information Exposure Through Log Files vulnerability in RSA Archer GRC Platform
RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability.
local
low complexity
rsa CWE-532
5.5
5.5
2019-01-03 CVE-2018-15780 Unspecified vulnerability in RSA Archer GRC Platform
RSA Archer versions prior to 6.5.0.1 contain an improper access control vulnerability.
network
low complexity
rsa
6.5
6.5
2017-10-11 CVE-2017-14372 Cross-site Scripting vulnerability in RSA Archer GRC Platform
RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting vulnerabilities via certain RSA Archer Help pages.
network
low complexity
rsa CWE-79
6.1
6.1
2017-10-11 CVE-2017-14371 Cross-site Scripting vulnerability in RSA Archer GRC Platform
RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting via the request URL.
network
low complexity
rsa CWE-79
6.1
6.1
2017-10-11 CVE-2017-14370 Cross-site Scripting vulnerability in RSA Archer GRC Platform
RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Source Asset ID field.
network
low complexity
rsa CWE-79
5.4
5.4
2017-10-11 CVE-2017-14369 Unspecified vulnerability in RSA Archer GRC Platform
RSA Archer GRC Platform prior to 6.2.0.5 is affected by a privilege escalation vulnerability.
network
low complexity
rsa
4.3
4.3