cbcvebase.

Emc Rsa Authentication Manager vulnerabilities

25 known vulnerabilities affecting emc/rsa_authentication_manager.

Total CVEs
25
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM23LOW1

Vulnerabilities

Page 2 of 2
CVE-2020-5346P4MEDIUMCVSS 4.8≤ 8.3v8.42020-04-15
CVE-2020-5346 [MEDIUM] CWE-79 CVE-2020-5346: RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerabi RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript code through the Security Console web interface. When othe
nvd
CVE-2019-18574P4MEDIUMCVSS 4.8v8.42019-12-03
CVE-2019-18574 [MEDIUM] CWE-79 CVE-2019-18574: RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting v RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the Security Console. A malicious Security Console administrator could exploit this vulnerability to store arbitrary HTML or JavaScript code through the web interface which could then be included in a report. When other Security Console
nvd
CVE-2014-0623P4MEDIUMCVSS 4.3v7.12014-03-27
CVE-2014-0623 [MEDIUM] CWE-79 CVE-2014-0623: Cross-site scripting (XSS) vulnerability in the Self-Service Console in EMC RSA Authentication Manag Cross-site scripting (XSS) vulnerability in the Self-Service Console in EMC RSA Authentication Manager 7.1 before SP4 P32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "cross frame scripting" issue.
nvd
CVE-2012-2278P4MEDIUMCVSS 4.3≤ 7.1v7.0+1 more2012-07-13
CVE-2012-2278 [MEDIUM] CWE-79 CVE-2012-2278: Multiple cross-site scripting (XSS) vulnerabilities in the (1) Self-Service Console and (2) Security Multiple cross-site scripting (XSS) vulnerabilities in the (1) Self-Service Console and (2) Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2013-3273P4LOWCVSS 2.1v7.1v8.02013-07-08
CVE-2013-3273 [LOW] CWE-255 CVE-2013-3273: EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which allows local users to obtain sensitive information by reading the trace log file.
nvd
Emc Rsa Authentication Manager vulnerabilities | cvebase