Rsa Archer Grc Platform — known CVE vulnerabilities
Every CVE whose affected-product data names Rsa Archer Grc Platform, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2019-3716 — CVSS 7.8 (high): RSA Archer versions, prior to 6.5 SP2, contain an information exposure vulnerability. The database connection password may get logged in…
CVE-2019-3715 — CVSS 7.8 (high): RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users' session information is logged in plain text in…
CVE-2017-14372 — CVSS 6.1 (medium): RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting vulnerabilities via certain RSA Archer Help pages…
CVE-2017-14371 — CVSS 6.1 (medium): RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting via the request URL. Attackers could potentially…
CVE-2017-14370 — CVSS 5.4 (medium): RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Source Asset ID field. An authenticated…
CVE-2018-15780 — CVSS 4.3 (medium): RSA Archer versions prior to 6.5.0.1 contain an improper access control vulnerability. A remote malicious user could potentially exploit…
CVE-2017-14369 — CVSS 4.3 (medium): RSA Archer GRC Platform prior to 6.2.0.5 is affected by a privilege escalation vulnerability. A low privileged RSA Archer user may…