Erlend Leiknes, Security Consultant at mnemonic, identified and disclosed the following vulnerabilities, which were assigned the CVE IDs CVE-2017-8025 and CVE-2017-14371.
The first, an arbitrary file upload vulnerability (CVE-2017-8025), allows a remote, unauthenticated attacker to upload malicious files via attachments to arbitrary paths on the web server, i.e. the attacker controls not only the file content but also where on the server it is written.
CVSSv3 Base Score: 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
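The advisory does not describe how the Archer upload handler goes wrong, so the following is an added illustration of the bug class only, not RSA Archer code and not the disclosed mechanism. It contrasts the usual traversal pattern (a client-supplied attachment name joined straight onto the upload directory) with a handler that strips directory components, allow-lists extensions, and chooses the stored name itself. The upload root, the file names and the extension allow-list are constructed inputs.

```python
"""Attachment path handling: the traversal pattern beside a hardened version.

Added example; not RSA Archer code. The upload root, file names and the
extension allow-list are constructed for illustration.
"""
import posixpath
import secrets
from pathlib import Path, PurePosixPath, PureWindowsPath

# Hypothetical allow-list of attachment types the application expects.
ALLOWED_EXTENSIONS = {".pdf", ".png", ".txt"}


def vulnerable_target_path(upload_root: str, client_filename: str) -> str:
    """The bug class: the client-supplied name is joined onto the upload
    root as-is, so '../' segments walk out of the intended directory."""
    return posixpath.normpath(posixpath.join(upload_root, client_filename))


def safe_target_path(upload_root: str, client_filename: str) -> Path:
    """Reject traversal and unexpected types, then store under a server-chosen name."""
    if "\x00" in client_filename:
        raise ValueError("NUL byte in file name")
    # Keep only the final path component, whichever separator the client used
    # ('../../x', '..\\..\\x' or a mix); this drops every directory part.
    base = PureWindowsPath(PurePosixPath(client_filename).name).name
    if base in ("", ".", ".."):
        raise ValueError("empty or relative file name")
    ext = PurePosixPath(base).suffix.lower()
    if ext not in ALLOWED_EXTENSIONS:
        raise ValueError(f"extension {ext!r} not allowed")
    root = Path(upload_root).resolve()
    # Server-generated name: the client never chooses where the bytes land.
    target = (root / (secrets.token_hex(16) + ext)).resolve()
    # Belt and braces: confirm the final path is directly under the root.
    if target.parent != root:
        raise ValueError("resolved path escapes upload root")
    return target


def accepts(upload_root: str, client_filename: str) -> bool:
    """True if the hardened handler would store the attachment, False if it rejects it."""
    try:
        safe_target_path(upload_root, client_filename)
        return True
    except ValueError:
        return False
```

Two design points: the stored name is generated by the server rather than sanitised from the client's, so the original name is only ever metadata (store it in the database if you need to show it back), and the final resolved path is still checked against the root even though the name can no longer contain separators, which catches any future change that reintroduces client influence.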
The second, a reflected cross-site scripting vulnerability (CVE-2017-14371), affects RSA Archer via a request URL parameter: the parameter value is reflected into the response without adequate encoding, so an attacker who gets a user to open a crafted link can inject arbitrary HTML, and thereby script, that runs in the user's browser session in the context of the affected RSA Archer application.
CVSSv3 Base Score: 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
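As an added illustration that is not part of the advisory and not RSA Archer code: the page does not name the affected endpoint or parameter, so the search page, the host and the parameter `q` below are placeholders. The block shows the unencoded reflection beside the HTML-encoded fix and a small check that parses the response the way a browser would, instead of grepping for `<script`, so it also catches payloads that use event-handler attributes rather than a script element. The URLs are constructed test inputs.

```python
"""Reflected XSS: unescaped reflection beside the encoded version, with a check.

Added example; not RSA Archer code. The endpoint, host and parameter name 'q'
are placeholders, and the URLs are constructed test inputs.
"""
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# Response fragment that echoes the query back to the user.
TEMPLATE = "<p>No results for <b>{query}</b></p>"


def query_param(url: str) -> str:
    """Value of the hypothetical 'q' parameter, percent-decoded as the server sees it."""
    return parse_qs(urlsplit(url).query, keep_blank_values=True).get("q", [""])[0]


def render_vulnerable(url: str) -> str:
    """Bug class: the parameter is placed into the HTML verbatim."""
    return TEMPLATE.format(query=query_param(url))


def render_safe(url: str) -> str:
    """Fix: HTML-encode before reflecting; quote=True also covers attribute contexts."""
    return TEMPLATE.format(query=html.escape(query_param(url), quote=True))


class _TagCollector(HTMLParser):
    """Records every start tag and every on* event-handler attribute seen."""

    def __init__(self) -> None:
        super().__init__()
        self.tags: list[str] = []

    def handle_starttag(self, tag, attrs) -> None:
        self.tags.append(tag)
        # HTMLParser lower-cases attribute names, so 'onerror', 'onload', ... match here.
        self.tags.extend(f"@{name}" for name, _ in attrs if name.startswith("on"))


def injected_markup(page: str, expected=frozenset({"p", "b"})) -> list[str]:
    """Tags or on* handlers in the response beyond what the template itself emits.

    An empty list means the parameter was reflected as text only."""
    collector = _TagCollector()
    collector.feed(page)
    collector.close()
    return [t for t in collector.tags if t not in expected]
```

The check is deliberately context-aware only for element and attribute-name injection; reflection inside an existing attribute value, a JavaScript block or a URL needs the encoding appropriate to that context, which plain HTML entity encoding does not provide on its own.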
The vulnerabilities affect RSA Archer GRC versions prior to the fixed release, 6.2 Patch 6.
Customers are advised to upgrade to RSA Archer GRC 6.2 Patch 6. More information is available in the full disclosure post at http://seclists.org/fulldisclosure/2017/Oct/12
The official release notes and security advisory can be found at: https://community.rsa.com/docs/DOC-79882