Vulnerabilities > EMC > RSA Authentication Manager > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-28 | CVE-2018-11073 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager versions prior to 8.3 P3 contain a stored cross-site scripting vulnerability in the Operations Console. | 3.5 |
| 2018-09-28 | CVE-2018-11075 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager versions prior to 8.3 P3 contain a reflected cross-site scripting vulnerability in a Security Console page. | 2.6 |
| 2017-11-28 | CVE-2017-14379 | Cross-site Scripting vulnerability in EMC RSA Authentication Manager 8.1 EMC RSA Authentication Manager before 8.2 SP1 P6 has a cross-site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 3.5 |
| 2017-07-17 | CVE-2017-8000 | Cross-site Scripting vulnerability in EMC RSA Authentication Manager 8.1/8.2 In EMC RSA Authentication Manager 8.2 SP1 and earlier, a malicious RSA Security Console Administrator could craft a token profile and store the profile name in the RSA Authentication Manager database. | 3.5 |
| 2013-07-08 | CVE-2013-3273 | Credentials Management vulnerability in multiple products EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which allows local users to obtain sensitive information by reading the trace log file. | 2.1 |