Every CVE whose affected-product data names Rsa Envision, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2012-0402 — CVSS 9.3 (critical): EMC RSA enVision 4.x before 4.1 Patch 4 uses unspecified hardcoded credentials, which makes it easier for remote attackers to obtain access…
CVE-2012-0400 — CVSS 7.9 (high): EMC RSA enVision 4.x before 4.1 Patch 4 does not properly restrict the number of failed authentication attempts, which makes it easier for…
CVE-2012-0401 — CVSS 6.5 (medium): Multiple SQL injection vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote authenticated users to execute arbitrary SQL…
CVE-2012-0403 — CVSS 6.3 (medium): Directory traversal vulnerability in EMC RSA enVision 4.x before 4.1 Patch 4 allows remote authenticated users to have an unspecified…
CVE-2011-4143 — CVSS 5.0 (medium): EMC RSA enVision 4.0 before SP4 P5 and 4.1 before P3 allows remote attackers to obtain sensitive information about environment variables in…
CVE-2008-6886 — CVSS 5.0 (medium): RSA EnVision 3.5.0, 3.5.1, 3.5.2, and 3.7.0 does not properly restrict access to unspecified user profile functionality, which allows…
CVE-2011-2736 — CVSS 5.0 (medium): RSA enVision 4.x before 4 SP4 P3 places cleartext administrative credentials in Task Escalation e-mail messages, which allows remote…
CVE-2011-2737 — CVSS 5.0 (medium): RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote attackers to read arbitrary files via unspecified vectors, related to an "arbitrary…
CVE-2012-0399 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote attackers to inject arbitrary…
CVE-2007-4900 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the logon page in RSA EnVision 3.3.6 Build 0115 allows remote attackers to inject arbitrary web…
CVE-2010-2634 — CVSS 4.0 (medium): RSA enVision before 3.7 SP1 allows remote authenticated users to cause a denial of service via unspecified vectors.