Emc Rsa Authentication Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Emc Rsa Authentication Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (25)
CVE-2019-3768 — CVSS 6.5 (medium): RSA Authentication Manager versions prior to 8.4 P7 contain an XML Entity Injection Vulnerability. A remote authenticated malicious user…
CVE-2018-11073 — CVSS 6.5 (medium): RSA Authentication Manager versions prior to 8.3 P3 contain a stored cross-site scripting vulnerability in the Operations Console. A…
CVE-2012-2279 — CVSS 6.4 (medium): Open redirect vulnerability in the Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0…
CVE-2018-11074 — CVSS 6.1 (medium): RSA Authentication Manager versions prior to 8.3 P3 are affected by a DOM-based cross-site scripting vulnerability which exists in its…
CVE-2016-0900 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary…
CVE-2016-0901 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary…
CVE-2017-14373 — CVSS 6.1 (medium): EMC RSA Authentication Manager 8.2 SP1 P4 and earlier contains a reflected cross-site scripting vulnerability that could potentially be…
CVE-2018-1254 — CVSS 6.1 (medium): RSA Authentication Manager Security Console, versions 8.3 P1 and earlier, contains a reflected cross-site scripting vulnerability. A remote…
CVE-2017-8006 — CVSS 5.9 (medium): In EMC RSA Authentication Manager 8.2 SP1 Patch 1 and earlier, a malicious user logged into the Self-Service Console of RSA Authentication…
CVE-2018-11075 — CVSS 5.8 (medium): RSA Authentication Manager versions prior to 8.3 P3 contain a reflected cross-site scripting vulnerability in a Security Console page. A…
CVE-2019-3711 — CVSS 5.8 (medium): RSA Authentication Manager versions prior to 8.4 P1 contain an Insecure Credential Management Vulnerability. A malicious Operations Console…
CVE-2014-2516 — CVSS 5.8 (medium): Open redirect vulnerability in EMC RSA Authentication Manager 8.x before 8.1 Patch 6 allows remote attackers to redirect users to arbitrary…
CVE-2017-14379 — CVSS 5.4 (medium): EMC RSA Authentication Manager before 8.2 SP1 P6 has a cross-site scripting vulnerability that could potentially be exploited by malicious…
CVE-2016-0902 — CVSS 5.3 (medium): CRLF injection vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary HTTP headers…
CVE-2012-2280 — CVSS 5.0 (medium): EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 do not properly use frames, which allows…
CVE-2020-5346 — CVSS 4.8 (medium): RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerability in the Security Console. A…
CVE-2017-8000 — CVSS 4.8 (medium): In EMC RSA Authentication Manager 8.2 SP1 and earlier, a malicious RSA Security Console Administrator could craft a token profile and store…
CVE-2019-18574 — CVSS 4.8 (medium): RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the Security Console. A…
CVE-2020-5339 — CVSS 4.8 (medium): RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A…
CVE-2020-5340 — CVSS 4.8 (medium): RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A…
CVE-2017-15546 — CVSS 4.3 (medium): The Security Console in EMC RSA Authentication Manager 8.2 SP1 P6 and earlier is affected by a blind SQL injection vulnerability…
CVE-2012-2278 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the (1) Self-Service Console and (2) Security Console in EMC RSA Authentication…
CVE-2014-0623 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Self-Service Console in EMC RSA Authentication Manager 7.1 before SP4 P32 allows remote…
CVE-2013-3273 — CVSS 2.1 (low): EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative…