Vulnerabilities > EMC > RSA Authentication Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-04-15 CVE-2020-5346 Cross-site Scripting vulnerability in EMC RSA Authentication Manager
RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerability in the Security Console.
network
low complexity
emc CWE-79
4.8
4.8
2020-03-26 CVE-2020-5340 Cross-site Scripting vulnerability in EMC RSA Authentication Manager
RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console.
network
low complexity
emc CWE-79
4.8
4.8
2020-03-26 CVE-2020-5339 Cross-site Scripting vulnerability in EMC RSA Authentication Manager
RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console.
network
low complexity
emc CWE-79
4.8
4.8
2020-01-03 CVE-2019-3768 XXE vulnerability in EMC RSA Authentication Manager
RSA Authentication Manager versions prior to 8.4 P7 contain an XML Entity Injection Vulnerability.
network
low complexity
emc CWE-611
6.5
6.5
2019-12-03 CVE-2019-18574 Cross-site Scripting vulnerability in multiple products
RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the Security Console.
network
low complexity
rsa emc CWE-79
4.8
4.8
2019-03-13 CVE-2019-3711 RSA Authentication Manager versions prior to 8.4 P1 contain an Insecure Credential Management Vulnerability.
network
low complexity
emc rsa
4.0
4.0
2018-09-28 CVE-2018-11074 Cross-site Scripting vulnerability in multiple products
RSA Authentication Manager versions prior to 8.3 P3 are affected by a DOM-based cross-site scripting vulnerability which exists in its embedded MadCap Flare Help files.
network
rsa emc CWE-79
4.3
4.3
2018-06-21 CVE-2018-1254 Cross-site Scripting vulnerability in EMC RSA Authentication Manager 8.0/8.3
RSA Authentication Manager Security Console, versions 8.3 P1 and earlier, contains a reflected cross-site scripting vulnerability.
network
emc CWE-79
4.3
4.3
2018-06-21 CVE-2018-1253 Cross-site Scripting vulnerability in EMC RSA Authentication Manager
RSA Authentication Manager Operation Console, versions 8.3 P1 and earlier, contains a stored cross-site scripting vulnerability.
network
emc CWE-79
4.3
4.3
2018-01-25 CVE-2017-15546 SQL Injection vulnerability in EMC RSA Authentication Manager
The Security Console in EMC RSA Authentication Manager 8.2 SP1 P6 and earlier is affected by a blind SQL injection vulnerability.
network
low complexity
emc CWE-89
4.0
4.0