Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdtMohit Rawat1337DAY-ID-28752
HistoryOct 07, 2017 - 12:00 a.m.

RSA Archer GRC 6.2.0.5 XSS / File Upload / Privilege Escalation Vulnerabilities

2017-10-0700:00:00
Mohit Rawat
0day.today
33

0.006 Low

EPSS

Percentile

79.3%

JSON

RSA Archer GRC version 6.2.0.5 suffers from cross site scripting, privilege escalation and remote file upload vulnerabilities.

ESA-2017-111: RSA Archer(r) GRC Platform Multiple Vulnerabilities
EMC Identifier:  ESA-2017-111

CVE Identifier:  CVE-2017-8016, CVE-2017-8025, CVE-2017-14369, CVE-2017-14370, CVE-2017-14371, CVE-2017-14372

Severity Rating: CVSSv3 Base Score: See below for scores of individual CVEs

Affected Products:
RSA Archer versions prior to 6.2.0.5 

Summary:
RSA Archer GRC 6.2.0.5 Platform contains fixes for several vulnerabilities that could potentially be exploited by malicious users to compromise an affected system. 
 
Details:
Multiple components within the RSA Archer product have been updated to address various vulnerabilities:

Stored Cross Site Scripting Vulnerabilities (CVE-2017-8016 and CVE-2017-14370) 
RSA Archer is affected by stored cross-site scripting vulnerabilities via Questionnaire ID (CVE-2017-8016) and Source Asset ID (CVE-2017-14370) fields. An authenticated attacker may potentially exploit these vulnerabilities to execute arbitrary HTML in the users browser session in the context of the affected RSA Archer application.

CVSSv3 Base Score: 5.4 (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

 
Arbitrary File Upload Vulnerability (CVE-2017-8025)
RSA Archer is affected by an arbitrary file upload vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to upload malicious files via attachments to arbitrary paths on the web server.

CVSSv3 Base Score: 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

 
Reflected Cross Site Scripting Vulnerabilities (CVE-2017-14371 and CVE-2017-14372) 
RSA Archer is affected by reflected cross-site scripting vulnerabilities via request URL parameter (CVE-2017-14371) and certain RSA Archer Help pages (CVE-2017-14372). Attackers could potentially exploit these vulnerabilities to execute arbitrary HTML in the users browser session in the context of the affected RSA Archer application.

CVSSv3 Base Score: 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

 
Privilege Escalation Vulnerability (CVE-2017-14369)
RSA Archer is affected by a privilege escalation vulnerability. A low privileged RSA Archer user may potentially exploit this vulnerability to elevate their privileges and export certain application records. 

CVSSv3 Base Score: 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)


Recommendation:
RSA recommends all customers upgrade to the version mentioned below at the earliest opportunity. 
RSA Archer GRC 6.2 Patch 6

For additional documentation, downloads, and more, visit the RSA Archer Suite page on RSA Link.


Credits:
RSA would like to thank the following individuals for reporting these vulnerabilities:
CVE-2017-8025 and CVE-2017-14371: Erlend Leiknes, Security Consultant with Mnemonic AS
CVE-2017-14369: Mohit Rawat

#  0day.today [2018-03-28]  #

Related

nessus 1
cvelist 4
nvd 4
prion 4
cve 4
nessus
nessus
EMC RSA Archer < 6.2.0.5 Multiple Vulnerabilities
2017-10-12 00:00:00
cvelist
cvelist
CVE-2017-14371
2017-10-11 19:00:00
CVE-2017-14369
2017-10-11 19:00:00
CVE-2017-8025
2017-10-11 19:00:00
nvd
nvd
CVE-2017-14371
2017-10-11 19:29:00
CVE-2017-8025
2017-10-11 19:29:00
CVE-2017-14369
2017-10-11 19:29:00
prion
prion
Cross site scripting
2017-10-11 19:29:00
Privilege escalation
2017-10-11 19:29:00
Cross site scripting
2017-10-11 19:29:00
cve
cve
CVE-2017-8025
2017-10-11 19:29:00
CVE-2017-14371
2017-10-11 19:29:00
CVE-2017-14369
2017-10-11 19:29:00

0.006 Low

EPSS

Percentile

79.3%

JSON
Related for 1337DAY-ID-28752
nessus1cvelist4nvd4prion4cve4