Computer Security
[EN] securityvulns.ru no-pyccku


EMC RSA Archer multiple security vulnerabilities
Published:26.08.2014
Source:
SecurityVulns ID:13935
Type:remote
Threat Level:
5/10
Description:CSRF, Pribilege escalation, unauthorized access.
Affected:EMC : RSA Archer 5.5
CVE:CVE-2014-2517 (Unspecified vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to gain privileges via unknown vectors.)
 CVE-2014-2505 (EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors.)
 CVE-2014-0641 (Cross-site request forgery (CSRF) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to hijack the authentication of arbitrary users.)
 CVE-2014-0640 (EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to bypass intended restrictions on resource access via unspecified vectors.)
Original documentdocumentEMC, ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities (26.08.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod