EMC RSA Archer eGRC 5.5

CPE Details

EMC RSA Archer eGRC 5.5
emc
rsa_archer_egrc
5.5
2014-08-20
15h56 +00:00
2014-08-22
19h44 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:emc:rsa_archer_egrc:5.5:*:*:*:*:*:*:*

Informations

Vendor

emc

Product

rsa_archer_egrc

Version

5.5

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2016-0899 2016-07-04 14h00 +00:00 EMC RSA Archer GRC 5.5.x before 5.5.3.4 allows remote authenticated users to read the web.config.bak file, and obtain sensitive credential information, by modifying the IIS configuration to set a Content-Type header for .bak files.
6.3
Medium
CVE-2014-4633 2014-12-12 17h00 +00:00 Cross-site scripting (XSS) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4.3
CVE-2014-0640 2014-08-20 08h00 +00:00 EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to bypass intended restrictions on resource access via unspecified vectors.
4
CVE-2014-0641 2014-08-20 08h00 +00:00 Cross-site request forgery (CSRF) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to hijack the authentication of arbitrary users.
6.8
CVE-2014-2505 2014-08-20 08h00 +00:00 EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors.
5.4
CVE-2014-2517 2014-08-20 08h00 +00:00 Unspecified vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to gain privileges via unknown vectors.
6.5