CVE-2015-4543
RSA Archer GRC 5.x < 5.5.3 - Authenticated Exposure of Sensitive Information via Cleartext Password Storage
Title source: llmDescription
EMC RSA Archer GRC 5.x before 5.5.3 uses cleartext for stored passwords in unspecified circumstances, which allows remote authenticated users to obtain sensitive information by reading database fields.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/133682/RSA-Archer-GRC-5.5.3-XSS-Improper-Authorization-Information-Disclosure.html
Third Party Advisory mailing-list
x_refsource_bugtraq
http://seclists.org/bugtraq/2015/Sep/105
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033649
Scores
EPSS
0.0046
EPSS Percentile
64.1%
Details
CWE
CWE-200
Status
published
Products (3)
emc/rsa_archer_grc
5.5.0
emc/rsa_archer_grc
5.5.1
emc/rsa_archer_grc
5.5.2
Published
Sep 26, 2015
Tracked Since
Feb 18, 2026