Vulnerabilities > EMC > RSA Adaptive Authentication ON Premise > 7.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-12-08 | CVE-2014-4631 | Improper Authentication vulnerability in EMC RSA Adaptive Authentication On-Premise 6.0.2.1/7.0/7.1 RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication. | 5.0 |
2014-04-04 | CVE-2014-0638 | Cross-Site Scripting vulnerability in EMC RSA Adaptive Authentication On-Premise Cross-site scripting (XSS) vulnerability in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote attackers to inject arbitrary web script or HTML via vectors involving FRAME elements, related to a "cross-frame scripting" issue. | 4.3 |
2014-04-04 | CVE-2014-0637 | Cross-Site Scripting vulnerability in EMC RSA Adaptive Authentication On-Premise Cross-site scripting (XSS) vulnerability in the back-office case-management application in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |