Vulnerabilities > RSA > Authentication Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-12-03 CVE-2019-18574 Cross-site Scripting vulnerability in multiple products
RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the Security Console.
network
low complexity
rsa emc CWE-79
4.8
2018-09-28 CVE-2018-11075 Cross-site Scripting vulnerability in multiple products
RSA Authentication Manager versions prior to 8.3 P3 contain a reflected cross-site scripting vulnerability in a Security Console page.
network
high complexity
rsa emc CWE-79
4.7
2018-09-28 CVE-2018-11074 Cross-site Scripting vulnerability in multiple products
RSA Authentication Manager versions prior to 8.3 P3 are affected by a DOM-based cross-site scripting vulnerability which exists in its embedded MadCap Flare Help files.
network
low complexity
rsa emc CWE-79
6.1
2018-09-28 CVE-2018-11073 Cross-site Scripting vulnerability in multiple products
RSA Authentication Manager versions prior to 8.3 P3 contain a stored cross-site scripting vulnerability in the Operations Console.
network
low complexity
rsa emc CWE-79
4.8
2018-05-08 CVE-2018-1248 Open Redirect vulnerability in RSA Authentication Manager
RSA Authentication Manager Security Console, Operation Console and Self-Service Console, version 8.3 and earlier, is affected by a Host header injection vulnerability.
network
low complexity
rsa CWE-601
6.1