Vulnerabilities > EMC > RSA Data Protection Manager Appliance > Medium

DATE CVE VULNERABILITY TITLE RISK
2013-11-22 CVE-2013-3288 Cross-Site Scripting vulnerability in EMC RSA Data Protection Manager Appliance
Cross-site scripting (XSS) vulnerability on the EMC RSA Data Protection Manager (DPM) appliance 3.2.x before 3.2.4.2 and 3.5.x before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
network
emc CWE-79
4.3
2012-11-16 CVE-2012-4613 Improper Authentication vulnerability in EMC RSA Data Protection Manager Appliance
EMC RSA Data Protection Manager Appliance 2.7.x and 3.x before 3.2.1 does not properly restrict the number of authentication attempts by a user account, which makes it easier for local users to bypass intended access restrictions via a brute-force attack.
local
emc CWE-287
6.9
2012-11-16 CVE-2012-4612 Cross-Site Scripting vulnerability in EMC products
Cross-site scripting (XSS) vulnerability in EMC RSA Data Protection Manager Appliance and Software Server 2.7.x and 3.x before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
emc CWE-79
4.3