Rsa Archer Egrc

rsa_archer_egrc

Vendor: Emc • 23 CVEs

CVEs (23)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-5002 1Emc 1Rsa Archer Egrc May 13, 2026 Jul 7, 2017 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an open redirect vulnerability. A remote unprivileged attacker may potentially redirect legitimate users to arbitrary web sites and condu...Show more EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an open redirect vulnerability. A remote unprivileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attacks. The attacker could then steal the victims' credentials and silently authenticate them to the RSA Archer application without the victims realizing an attack occurred.Show less
CVE-2017-5001 1Emc 1Rsa Archer Egrc May 13, 2026 Jul 7, 2017 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information exposure through an error message vulnerability. A remote low privileged attacker may potentially exploit this vulnerabili...Show more EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information exposure through an error message vulnerability. A remote low privileged attacker may potentially exploit this vulnerability to use information disclosed in an error message to launch another more focused attack.Show less
CVE-2017-5000 1Emc 1Rsa Archer Egrc May 13, 2026 Jul 7, 2017 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information exposure through an error message vulnerability. A remote low privileged attacker may potentially exploit this vulnerabili...Show more EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information exposure through an error message vulnerability. A remote low privileged attacker may potentially exploit this vulnerability to use information disclosed in an error message to launch another more focused attack.Show less
CVE-2017-4999 1Emc 1Rsa Archer Egrc May 13, 2026 Jul 7, 2017 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an authorization bypass through user-controlled key vulnerability in Discussion Forum Messages. A remote low privileged attacker may pote...Show more EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an authorization bypass through user-controlled key vulnerability in Discussion Forum Messages. A remote low privileged attacker may potentially exploit this vulnerability to elevate their privileges and view other users' discussion forum messages.Show less
CVE-2017-4998 1Emc 1Rsa Archer Egrc May 13, 2026 Jul 7, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is potentially affected by a cross-site request forgery vulnerability. A remote low privileged attacker may potentially exploit the vulnerability to exe...Show more EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is potentially affected by a cross-site request forgery vulnerability. A remote low privileged attacker may potentially exploit the vulnerability to execute unauthorized requests on behalf of the victim, using the authenticated user's privileges.Show less
CVE-2016-0899 1Emc 1Rsa Archer Egrc May 6, 2026 Jul 4, 2016 N/A· v4 6.3 MEDIUM· v3 3.5 LOW· v2 EMC RSA Archer GRC 5.5.x before 5.5.3.4 allows remote authenticated users to read the web.config.bak file, and obtain sensitive credential information, by modifying the IIS configuration to set a Content-Type header for...Show more EMC RSA Archer GRC 5.5.x before 5.5.3.4 allows remote authenticated users to read the web.config.bak file, and obtain sensitive credential information, by modifying the IIS configuration to set a Content-Type header for .bak files.Show less
CVE-2015-0542 1Emc 1Rsa Archer Egrc May 6, 2026 Aug 20, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple cross-site request forgery (CSRF) vulnerabilities in EMC RSA Archer GRC 5.5 SP1 before P3 allow remote attackers to hijack the authentication of arbitrary users.
CVE-2014-4633 1Emc 1Rsa Archer Egrc May 6, 2026 Dec 12, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-2517 1Emc 1Rsa Archer Egrc May 6, 2026 Aug 20, 2014 N/A· v4 N/A· v3 6.5 MEDIUM· v2 Unspecified vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2505 1Emc 1Rsa Archer Egrc May 6, 2026 Aug 20, 2014 N/A· v4 N/A· v3 5.4 MEDIUM· v2 EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors.
CVE-2014-0641 1Emc 1Rsa Archer Egrc May 6, 2026 Aug 20, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to hijack the authentication of arbitrary users.
CVE-2014-0640 1Emc 1Rsa Archer Egrc May 6, 2026 Aug 20, 2014 N/A· v4 N/A· v3 4.0 MEDIUM· v2 EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to bypass intended restrictions on resource access via unspecified vectors.
CVE-2014-0639 1Emc 1Rsa Archer Egrc May 6, 2026 May 25, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer 5.x before GRC 5.4 SP1 P3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-6178 1Emc 1Rsa Archer Egrc Apr 29, 2026 Dec 19, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.4 SP1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-3277 1Emc 1Rsa Archer Egrc Apr 29, 2026 Sep 5, 2013 N/A· v4 N/A· v3 5.8 MEDIUM· v2 Open redirect vulnerability in EMC RSA Archer GRC 5.x before 5.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-3276 1Emc 1Rsa Archer Egrc Apr 29, 2026 Sep 5, 2013 N/A· v4 N/A· v3 6.0 MEDIUM· v2 EMC RSA Archer GRC 5.x before 5.4 allows remote authenticated users to bypass intended access restrictions and complete a login by leveraging a deactivated account.
CVE-2013-0934 1Emc 2Rsa Archer Egrc Rsa Archer Smartsuite Apr 29, 2026 May 7, 2013 N/A· v4 N/A· v3 4.0 MEDIUM· v2 EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and modify global reports via unspecified vectors.
CVE-2013-0933 1Emc 2Rsa Archer Egrc Rsa Archer Smartsuite Apr 29, 2026 May 7, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-0932 1Emc 2Rsa Archer Egrc Rsa Archer Smartsuite Apr 29, 2026 May 7, 2013 N/A· v4 N/A· v3 4.0 MEDIUM· v2 EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and upload arbitrary files via unspecified vectors.
CVE-2012-2294 1Emc 2Rsa Archer Egrc Rsa Archer Smartsuite Apr 29, 2026 Feb 6, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to conduct clickjacking attacks via a crafted web page.

12 Next