RSA Archer GRC 6.2.0.5 XSS / File Upload / Privilege Escalation Vulnerabilities

🗓️ 07 Oct 2017 00:00:00Reported by Mohit RawatType

zdt🔗 0day.today👁 48 Views

RSA Archer GRC 6.2.0.5 Vulnerabilities Patche

Reporter	Title	Published	Views	Family All 40
CNVD	EMC RSA Archer GRC Platform Cross-Site Scripting Vulnerability	9 Oct 201700:00	–	cnvd
CNVD	EMC RSA Archer product elevation of privilege vulnerability	9 Oct 201700:00	–	cnvd
CNVD	EMC RSA Archer GRC Platform Cross-Site Scripting Vulnerability (CNVD-2017-32996)	9 Oct 201700:00	–	cnvd
CNVD	EMC RSA Archer GRC Platform Cross-Site Scripting Vulnerability (CNVD-2017-32997)	9 Oct 201700:00	–	cnvd
CNVD	EMC RSA Archer GRC Platform Cross-Site Scripting Vulnerability (CNVD-2017-32998)	9 Oct 201700:00	–	cnvd
CNVD	EMC RSA Archer product arbitrary file upload vulnerability	9 Oct 201700:00	–	cnvd
CVE	CVE-2017-14369	11 Oct 201719:00	–	cve
CVE	CVE-2017-14370	11 Oct 201719:00	–	cve
CVE	CVE-2017-14371	11 Oct 201719:00	–	cve
CVE	CVE-2017-14372	11 Oct 201719:00	–	cve

ESA-2017-111: RSA Archer(r) GRC Platform Multiple Vulnerabilities
EMC Identifier:  ESA-2017-111

CVE Identifier:  CVE-2017-8016, CVE-2017-8025, CVE-2017-14369, CVE-2017-14370, CVE-2017-14371, CVE-2017-14372

Severity Rating: CVSSv3 Base Score: See below for scores of individual CVEs

Affected Products:
RSA Archer versions prior to 6.2.0.5 

Summary:
RSA Archer GRC 6.2.0.5 Platform contains fixes for several vulnerabilities that could potentially be exploited by malicious users to compromise an affected system. 
 
Details:
Multiple components within the RSA Archer product have been updated to address various vulnerabilities:

Stored Cross Site Scripting Vulnerabilities (CVE-2017-8016 and CVE-2017-14370) 
RSA Archer is affected by stored cross-site scripting vulnerabilities via Questionnaire ID (CVE-2017-8016) and Source Asset ID (CVE-2017-14370) fields. An authenticated attacker may potentially exploit these vulnerabilities to execute arbitrary HTML in the users browser session in the context of the affected RSA Archer application.

CVSSv3 Base Score: 5.4 (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

 
Arbitrary File Upload Vulnerability (CVE-2017-8025)
RSA Archer is affected by an arbitrary file upload vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to upload malicious files via attachments to arbitrary paths on the web server.

CVSSv3 Base Score: 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

 
Reflected Cross Site Scripting Vulnerabilities (CVE-2017-14371 and CVE-2017-14372) 
RSA Archer is affected by reflected cross-site scripting vulnerabilities via request URL parameter (CVE-2017-14371) and certain RSA Archer Help pages (CVE-2017-14372). Attackers could potentially exploit these vulnerabilities to execute arbitrary HTML in the users browser session in the context of the affected RSA Archer application.

CVSSv3 Base Score: 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

 
Privilege Escalation Vulnerability (CVE-2017-14369)
RSA Archer is affected by a privilege escalation vulnerability. A low privileged RSA Archer user may potentially exploit this vulnerability to elevate their privileges and export certain application records. 

CVSSv3 Base Score: 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)


Recommendation:
RSA recommends all customers upgrade to the version mentioned below at the earliest opportunity. 
RSA Archer GRC 6.2 Patch 6

For additional documentation, downloads, and more, visit the RSA Archer Suite page on RSA Link.


Credits:
RSA would like to thank the following individuals for reporting these vulnerabilities:
CVE-2017-8025 and CVE-2017-14371: Erlend Leiknes, Security Consultant with Mnemonic AS
CVE-2017-14369: Mohit Rawat

#  0day.today [2018-03-28]  #

07 Oct 2017 00:00Current

6.3Medium risk

Vulners AI Score6.3

EPSS0.00761