Vulnerabilities > RSA > Envision > 4.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-03-20 | CVE-2012-0403 | Path Traversal vulnerability in RSA Envision 4.0/4.1 Directory traversal vulnerability in EMC RSA enVision 4.x before 4.1 Patch 4 allows remote authenticated users to have an unspecified impact via unknown vectors. | 6.3 |
| 2012-03-20 | CVE-2012-0402 | Credentials Management vulnerability in RSA Envision 4.0/4.1 EMC RSA enVision 4.x before 4.1 Patch 4 uses unspecified hardcoded credentials, which makes it easier for remote attackers to obtain access via unknown vectors. | 9.3 |
| 2012-03-20 | CVE-2012-0401 | SQL Injection vulnerability in RSA Envision 4.0/4.1 Multiple SQL injection vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
| 2012-03-20 | CVE-2012-0400 | Improper Authentication vulnerability in RSA Envision 4.0/4.1 EMC RSA enVision 4.x before 4.1 Patch 4 does not properly restrict the number of failed authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. | 7.9 |
| 2012-03-20 | CVE-2012-0399 | Cross-Site Scripting vulnerability in RSA Envision 4.0/4.1 Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2012-01-27 | CVE-2011-4143 | Information Exposure vulnerability in RSA Envision 4.0/4.1 EMC RSA enVision 4.0 before SP4 P5 and 4.1 before P3 allows remote attackers to obtain sensitive information about environment variables in the web system via unspecified vectors. | 5.0 |