Lucene search

K
EmcRsa Archer Egrc5.5

7 matches found

CVE
CVE
added 2015/08/20 10:59 a.m.42 views

CVE-2015-0542

Multiple cross-site request forgery (CSRF) vulnerabilities in EMC RSA Archer GRC 5.5 SP1 before P3 allow remote attackers to hijack the authentication of arbitrary users.

6.8CVSS7.5AI score0.00126EPSS
CVE
CVE
added 2014/08/20 11:17 a.m.30 views

CVE-2014-0641

Cross-site request forgery (CSRF) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to hijack the authentication of arbitrary users.

6.8CVSS7.4AI score0.00142EPSS
CVE
CVE
added 2014/08/20 11:17 a.m.30 views

CVE-2014-2505

EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors.

5.4CVSS7AI score0.00304EPSS
CVE
CVE
added 2014/08/20 11:17 a.m.30 views

CVE-2014-2517

Unspecified vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to gain privileges via unknown vectors.

6.5CVSS6.6AI score0.00498EPSS
CVE
CVE
added 2016/07/04 4:59 p.m.30 views

CVE-2016-0899

EMC RSA Archer GRC 5.5.x before 5.5.3.4 allows remote authenticated users to read the web.config.bak file, and obtain sensitive credential information, by modifying the IIS configuration to set a Content-Type header for .bak files.

6.3CVSS6AI score0.00174EPSS
CVE
CVE
added 2014/08/20 11:17 a.m.29 views

CVE-2014-0640

EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to bypass intended restrictions on resource access via unspecified vectors.

4CVSS6.4AI score0.00199EPSS
CVE
CVE
added 2014/12/12 6:59 p.m.28 views

CVE-2014-4633

Cross-site scripting (XSS) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.00225EPSS