CVE-2014-2505
https://notcve.org/view.php?id=CVE-2014-2505
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors. EMC RSA Archer GRC Platform 5.x anterior a 5.5 SP1 permite a atacantes remotos provocar la descarga de código arbitrario, y como consecuencia cambiar la funcionalidad del producto, a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2014-08/0097.html http://www.securityfocus.com/bid/69290 http://www.securitytracker.com/id/1030738 https://exchange.xforce.ibmcloud.com/vulnerabilities/95360 •
CVE-2014-0640
https://notcve.org/view.php?id=CVE-2014-0640
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to bypass intended restrictions on resource access via unspecified vectors. EMC RSA Archer GRC Platform 5.x anterior a 5.5 SP1 permite a usuarios remotos autenticados evadir las restricciones sobre el acceso a recursos a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2014-08/0097.html http://www.securityfocus.com/bid/69288 http://www.securitytracker.com/id/1030738 https://exchange.xforce.ibmcloud.com/vulnerabilities/95362 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2014-2517
https://notcve.org/view.php?id=CVE-2014-2517
Unspecified vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to gain privileges via unknown vectors. Vulnerabilidad no especificada en EMC RSA Archer GRC Platform 5.x anterior a 5.5 SP1 permite a usuarios remotos autenticados ganar privilegios a través de vectores desconocidos. • http://archives.neohapsis.com/archives/bugtraq/2014-08/0097.html http://www.securityfocus.com/bid/69287 http://www.securitytracker.com/id/1030738 https://exchange.xforce.ibmcloud.com/vulnerabilities/95363 •
CVE-2014-0639
https://notcve.org/view.php?id=CVE-2014-0639
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer 5.x before GRC 5.4 SP1 P3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de XSS en EMC RSA Archer 5.x anterior a GRC 5.4 SP1 P3 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2014-05/0134.html http://packetstormsecurity.com/files/126788/RSA-Archer-GRC-Cross-Site-Scripting.html http://www.securityfocus.com/bid/67602 http://www.securitytracker.com/id/1030281 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-6178
https://notcve.org/view.php?id=CVE-2013-6178
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.4 SP1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades cross-site scripting (XSS) en EMC RSAArcher GRC 5.x anteriores a 5.4 SP1 permite a atacantes remotos inyectar script web o HTML de forma arbitraria a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2013-12/0120.html http://www.securitytracker.com/id/1029523 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •