CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-14372

RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting vulnerabilities via certain RSA Archer Help pages. Attackers could potentially exploit this to execute arbitrary HTML in the user's browser session in the context of the affected RSA Archer application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.9%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://seclists.org/fulldisclosure/2017/Oct/12
http://www.securityfocus.com/bid/101195
http://www.securitytracker.com/id/1039518
http://seclists.org/fulldisclosure/2017/Oct/12
http://www.securityfocus.com/bid/101195
http://www.securitytracker.com/id/1039518

Products affected by CVE-2017-14372

Rsa » Archer Grc Platform » Version: 5.5

cpe:2.3:a:rsa:archer_grc_platform:5.5
Rsa » Archer Grc Platform » Version: 6.0

cpe:2.3:a:rsa:archer_grc_platform:6.0
Rsa » Archer Grc Platform » Version: 6.1

cpe:2.3:a:rsa:archer_grc_platform:6.1
Rsa » Archer Grc Platform » Version: 6.2

cpe:2.3:a:rsa:archer_grc_platform:6.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-14372

Products

Pricing

Contact Us