Vulnerabilities > EMC
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-12 | CVE-2024-0454 | Authentication Bypass by Spoofing vulnerability in EMC Elan Match-On-Chip FPR Solution Firmware 3.0.12011.08009/3.3.12011.08103 ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and enumeration with spoof sensor. This fault leads to that Windows Hello recognition would be bypass with cloning SID to cause broken account identity. Version which is lower than 3.0.12011.08009(Legacy)/3.3.12011.08103(ESS) would suffer this risk on DELL Inspiron platform. | 6.1 |
| 2023-09-27 | CVE-2023-32458 | Improper Access Control vulnerability in EMC Appsync Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service Pack releases, contains an improper access control vulnerability in Embedded Service Enabler component. | 7.8 |
| 2020-04-15 | CVE-2020-5346 | Cross-site Scripting vulnerability in EMC RSA Authentication Manager RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerability in the Security Console. | 4.8 |
| 2020-03-26 | CVE-2020-5340 | Cross-site Scripting vulnerability in EMC RSA Authentication Manager RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. | 4.8 |
| 2020-03-26 | CVE-2020-5339 | Cross-site Scripting vulnerability in EMC RSA Authentication Manager RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. | 4.8 |
| 2020-01-03 | CVE-2019-3768 | XXE vulnerability in EMC RSA Authentication Manager RSA Authentication Manager versions prior to 8.4 P7 contain an XML Entity Injection Vulnerability. | 6.5 |
| 2019-12-03 | CVE-2019-18574 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the Security Console. | 4.8 |
| 2019-09-30 | CVE-2019-3733 | Incomplete Cleanup vulnerability in multiple products RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'. | 4.0 |
| 2019-09-30 | CVE-2019-3732 | Information Exposure Through Discrepancy vulnerability in multiple products RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. | 5.0 |
| 2019-03-13 | CVE-2019-3711 | RSA Authentication Manager versions prior to 8.4 P1 contain an Insecure Credential Management Vulnerability. | 4.0 |