Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-13	CVE-2019-3715	Information Exposure Through Log Files vulnerability in RSA Archer GRC Platform RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. local low complexity rsa CWE-532	5.5
2019-01-03	CVE-2018-15780	Unspecified vulnerability in RSA Archer GRC Platform RSA Archer versions prior to 6.5.0.1 contain an improper access control vulnerability. network low complexity rsa	6.5
2017-10-11	CVE-2017-14372	Cross-site Scripting vulnerability in RSA Archer GRC Platform RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting vulnerabilities via certain RSA Archer Help pages. network low complexity rsa CWE-79	6.1
2017-10-11	CVE-2017-14371	Cross-site Scripting vulnerability in RSA Archer GRC Platform RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting via the request URL. network low complexity rsa CWE-79	6.1
2017-10-11	CVE-2017-14370	Cross-site Scripting vulnerability in RSA Archer GRC Platform RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Source Asset ID field. network low complexity rsa CWE-79	5.4
2017-10-11	CVE-2017-14369	Unspecified vulnerability in RSA Archer GRC Platform RSA Archer GRC Platform prior to 6.2.0.5 is affected by a privilege escalation vulnerability. network low complexity rsa	4.3