CVE-2015-4543 Information

Description

EMC RSA Archer GRC 5.x before 5.5.3 uses cleartext for stored passwords in unspecified circumstances which allows remote authenticated users to obtain sensitive information by reading database fields.

Reference

http://packetstormsecurity.com/files/133682/RSA-Archer-GRC-5.5.3-XSS-Improper-Authorization-Information-Disclosure.html http://seclists.org/bugtraq/2015/Sep/105 http://www.securitytracker.com/id/1033649