Computer Security
[EN] securityvulns.ru no-pyccku


EMC RSA Archer multiple security vulnerabilities
Published:06.05.2013
Source:
SecurityVulns ID:13069
Type:remote
Threat Level:
6/10
Description:Code execution, crosite scripting, authorization bypass.
Affected:EMC : RSA Archer GRC 5.3
CVE:CVE-2013-0934 (EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and modify global reports via unspecified vectors.)
 CVE-2013-0933 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2013-0932 (EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and upload arbitrary files via unspecified vectors.)
Original documentdocumentEMC, ESA-2013-015: RSA ArcherĀ® GRC Multiple Vulnerabilities (06.05.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod