Vulnerabilities > EMC > RSA Adaptive Authentication ON Premise > 7.1

DATE	CVE	VULNERABILITY TITLE	RISK
2014-12-08	CVE-2014-4631	Improper Authentication vulnerability in EMC RSA Adaptive Authentication On-Premise 6.0.2.1/7.0/7.1 RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication. network low complexity emc CWE-287	5.0
2014-04-04	CVE-2014-0638	Cross-Site Scripting vulnerability in EMC RSA Adaptive Authentication On-Premise Cross-site scripting (XSS) vulnerability in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote attackers to inject arbitrary web script or HTML via vectors involving FRAME elements, related to a "cross-frame scripting" issue. network emc CWE-79	4.3
2014-04-04	CVE-2014-0637	Cross-Site Scripting vulnerability in EMC RSA Adaptive Authentication On-Premise Cross-site scripting (XSS) vulnerability in the back-office case-management application in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. network emc CWE-79	4.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.