Emc Rsa Authentication Manager vulnerabilities
25 known vulnerabilities affecting emc/rsa_authentication_manager.
Total CVEs
25
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM23LOW1
Vulnerabilities
Page 2 of 2
CVE-2020-5346P4MEDIUMCVSS 4.8≤ 8.3v8.42020-04-15
CVE-2020-5346 [MEDIUM] CWE-79 CVE-2020-5346: RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerabi
RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript code through the Security Console web interface. When othe
nvd
CVE-2019-18574P4MEDIUMCVSS 4.8v8.42019-12-03
CVE-2019-18574 [MEDIUM] CWE-79 CVE-2019-18574: RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting v
RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the Security Console. A malicious Security Console administrator could exploit this vulnerability to store arbitrary HTML or JavaScript code through the web interface which could then be included in a report. When other Security Console
nvd
CVE-2014-0623P4MEDIUMCVSS 4.3v7.12014-03-27
CVE-2014-0623 [MEDIUM] CWE-79 CVE-2014-0623: Cross-site scripting (XSS) vulnerability in the Self-Service Console in EMC RSA Authentication Manag
Cross-site scripting (XSS) vulnerability in the Self-Service Console in EMC RSA Authentication Manager 7.1 before SP4 P32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "cross frame scripting" issue.
nvd
CVE-2012-2278P4MEDIUMCVSS 4.3≤ 7.1v7.0+1 more2012-07-13
CVE-2012-2278 [MEDIUM] CWE-79 CVE-2012-2278: Multiple cross-site scripting (XSS) vulnerabilities in the (1) Self-Service Console and (2) Security
Multiple cross-site scripting (XSS) vulnerabilities in the (1) Self-Service Console and (2) Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2013-3273P4LOWCVSS 2.1v7.1v8.02013-07-08
CVE-2013-3273 [LOW] CWE-255 CVE-2013-3273: EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does
EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which allows local users to obtain sensitive information by reading the trace log file.
nvd
← Previous2 / 2