| Max CVSS | 6.8 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-14369 | 4.0 |
RSA Archer GRC Platform prior to 6.2.0.5 is affected by a privilege escalation vulnerability. A low privileged RSA Archer user may potentially exploit this vulnerability to elevate their privileges and export certain application records.
|
03-10-2019 - 00:03 | 11-10-2017 - 19:29 | |
| CVE-2017-8016 | 3.5 |
RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Questionnaire ID field. An authenticated attacker may potentially exploit this to execute arbitrary HTML in the user's browser session in the context of the a
|
03-11-2017 - 17:19 | 11-10-2017 - 19:29 | |
| CVE-2017-8025 | 6.8 |
RSA Archer GRC Platform prior to 6.2.0.5 is affected by an arbitrary file upload vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to upload malicious files via attachments to arbitrary paths on the web serve
|
03-11-2017 - 17:13 | 11-10-2017 - 19:29 | |
| CVE-2017-14372 | 4.3 |
RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting vulnerabilities via certain RSA Archer Help pages. Attackers could potentially exploit this to execute arbitrary HTML in the user's browser session in the context
|
27-10-2017 - 14:11 | 11-10-2017 - 19:29 | |
| CVE-2017-14371 | 4.3 |
RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting via the request URL. Attackers could potentially exploit this to execute arbitrary HTML in the user's browser session in the context of the affected RSA Archer app
|
27-10-2017 - 14:10 | 11-10-2017 - 19:29 | |
| CVE-2017-14370 | 3.5 |
RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Source Asset ID field. An authenticated attacker may potentially exploit this to execute arbitrary HTML in the user's browser session in the context of the af
|
27-10-2017 - 14:10 | 11-10-2017 - 19:29 |