CVE-2017-8025

Published: Oct 11, 2017Modified: May 13, 2026

7.4

Vector

CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.4 / Impact: 5.9

Source: NVD

Description

RSA Archer GRC Platform prior to 6.2.0.5 is affected by an arbitrary file upload vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to upload malicious files via attachments to arbitrary paths on the web server.

Affected (1)

Products: Emc: Archer Grc Platform

1 product

Archer Grc Platform

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Emc Archer Grc Platform	Up to 6.2.0.4

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (6)

http://seclists.org/fulldisclosure/2017/Oct/12

Source: security_alert@emc.com

Mailing ListThird Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/101195

Source: security_alert@emc.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039518

Source: security_alert@emc.com

Third Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2017/Oct/12

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/101195

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039518

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.