Vulnerabilities > EMC > RSA Data Protection Manager Appliance > 3.2

DATE	CVE	VULNERABILITY TITLE	RISK
2013-11-22	CVE-2013-3288	Cross-Site Scripting vulnerability in EMC RSA Data Protection Manager Appliance Cross-site scripting (XSS) vulnerability on the EMC RSA Data Protection Manager (DPM) appliance 3.2.x before 3.2.4.2 and 3.5.x before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. network emc CWE-79	4.3
2012-11-16	CVE-2012-4613	Improper Authentication vulnerability in EMC RSA Data Protection Manager Appliance EMC RSA Data Protection Manager Appliance 2.7.x and 3.x before 3.2.1 does not properly restrict the number of authentication attempts by a user account, which makes it easier for local users to bypass intended access restrictions via a brute-force attack. local emc CWE-287	6.9
2012-11-16	CVE-2012-4612	Cross-Site Scripting vulnerability in EMC products Cross-site scripting (XSS) vulnerability in EMC RSA Data Protection Manager Appliance and Software Server 2.7.x and 3.x before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network emc CWE-79	4.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.