Vulnerabilities > RSA
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-28 | CVE-2018-11075 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager versions prior to 8.3 P3 contain a reflected cross-site scripting vulnerability in a Security Console page. | 4.7 |
| 2018-09-28 | CVE-2018-11074 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager versions prior to 8.3 P3 are affected by a DOM-based cross-site scripting vulnerability which exists in its embedded MadCap Flare Help files. | 6.1 |
| 2018-09-28 | CVE-2018-11073 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager versions prior to 8.3 P3 contain a stored cross-site scripting vulnerability in the Operations Console. | 4.8 |
| 2018-08-24 | CVE-2018-11065 | SQL Injection vulnerability in RSA Archer 6.1.0.0 The WorkPoint component, which is embedded in all RSA Archer, versions 6.1.x, 6.2.x, 6.3.x prior to 6.3.0.7 and 6.4.x prior to 6.4.0.1, contains a SQL injection vulnerability. | 4.3 |
| 2018-07-24 | CVE-2018-11060 | Unspecified vulnerability in RSA Archer 6.1.0.0/6.4.0.0 RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API. | 8.8 |
| 2018-07-24 | CVE-2018-11059 | Cross-site Scripting vulnerability in RSA Archer 6.1.0.0/6.4.0.0 RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. | 5.4 |
| 2018-07-11 | CVE-2018-11049 | Uncontrolled Search Path Element vulnerability in multiple products RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontrolled search vulnerability. | 7.3 |
| 2018-06-05 | CVE-2018-1252 | SQL Injection vulnerability in RSA web Threat Detection RSA Web Threat Detection versions prior to 6.4, contain an SQL injection vulnerability in the Administration and Forensics applications. | 8.8 |
| 2018-05-08 | CVE-2018-1248 | Open Redirect vulnerability in RSA Authentication Manager RSA Authentication Manager Security Console, Operation Console and Self-Service Console, version 8.3 and earlier, is affected by a Host header injection vulnerability. | 6.1 |
| 2018-05-08 | CVE-2018-1247 | XXE vulnerability in RSA Authentication Manager RSA Authentication Manager Security Console, version 8.3 and earlier, contains a XML External Entity (XXE) vulnerability. | 7.1 |