Vulnerabilities > EMC > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-12 | CVE-2024-0454 | Authentication Bypass by Spoofing vulnerability in EMC Elan Match-On-Chip FPR Solution Firmware 3.0.12011.08009/3.3.12011.08103 ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and enumeration with spoof sensor. This fault leads to that Windows Hello recognition would be bypass with cloning SID to cause broken account identity. Version which is lower than 3.0.12011.08009(Legacy)/3.3.12011.08103(ESS) would suffer this risk on DELL Inspiron platform. | 6.1 |
| 2020-04-15 | CVE-2020-5346 | Cross-site Scripting vulnerability in EMC RSA Authentication Manager RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerability in the Security Console. | 4.8 |
| 2020-03-26 | CVE-2020-5340 | Cross-site Scripting vulnerability in EMC RSA Authentication Manager RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. | 4.8 |
| 2020-03-26 | CVE-2020-5339 | Cross-site Scripting vulnerability in EMC RSA Authentication Manager RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. | 4.8 |
| 2020-01-03 | CVE-2019-3768 | XXE vulnerability in EMC RSA Authentication Manager RSA Authentication Manager versions prior to 8.4 P7 contain an XML Entity Injection Vulnerability. | 6.5 |
| 2019-12-03 | CVE-2019-18574 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the Security Console. | 4.8 |
| 2019-09-30 | CVE-2019-3733 | Incomplete Cleanup vulnerability in multiple products RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'. | 4.9 |
| 2018-11-13 | CVE-2018-15771 | Information Exposure vulnerability in EMC Recoverpoint and Recoverpoint for Virtual Machines Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an information disclosure vulnerability. | 5.5 |
| 2018-09-28 | CVE-2018-11075 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager versions prior to 8.3 P3 contain a reflected cross-site scripting vulnerability in a Security Console page. | 4.7 |
| 2018-09-28 | CVE-2018-11074 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager versions prior to 8.3 P3 are affected by a DOM-based cross-site scripting vulnerability which exists in its embedded MadCap Flare Help files. | 6.1 |