Vulnerability Description
RSA Archer GRC Platform prior to 6.2.0.5 is affected by an arbitrary file upload vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to upload malicious files via attachments to arbitrary paths on the web server.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Emc | Archer Grc Platform | <= 6.2.0.4 |
Related Weaknesses (CWE)
References
- http://seclists.org/fulldisclosure/2017/Oct/12Mailing ListThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/101195Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039518Third Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2017/Oct/12Mailing ListThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/101195Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039518Third Party AdvisoryVDB Entry
FAQ
What is CVE-2017-8025?
CVE-2017-8025 is a vulnerability with a CVSS score of 7.4 (HIGH). RSA Archer GRC Platform prior to 6.2.0.5 is affected by an arbitrary file upload vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to upload malicious files v...
How severe is CVE-2017-8025?
CVE-2017-8025 has been rated HIGH with a CVSS base score of 7.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-8025?
Check the references section above for vendor advisories and patch information. Affected products include: Emc Archer Grc Platform.