Vulnerabilities > RSA > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-02 | CVE-2021-33615 | Unrestricted Upload of File with Dangerous Type vulnerability in RSA Archer RSA Archer 6.8.00500.1003 P5 allows Unrestricted Upload of a File with a Dangerous Type. | 8.5 |
| 2022-05-26 | CVE-2022-30584 | Unspecified vulnerability in RSA Archer Archer Platform 6.3 before 6.11 (6.11.0.0) contains an Improper Access Control Vulnerability within SSO ADFS functionality that could potentially be exploited by malicious users to compromise the affected system. | 8.8 |
| 2020-07-31 | CVE-2020-5384 | Improper Authentication vulnerability in RSA Multifactor Authentication Agent 2.0 Authentication Bypass Vulnerability RSA MFA Agent 2.0 for Microsoft Windows contains an Authentication Bypass vulnerability. | 7.2 |
| 2019-09-18 | CVE-2019-3758 | Weak Password Requirements vulnerability in RSA Archer RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. | 7.5 |
| 2019-05-15 | CVE-2019-3725 | OS Command Injection vulnerability in RSA Netwitness and Security Analytics RSA Netwitness Platform versions prior to 11.2.1.1 and RSA Security Analytics versions prior to 10.6.6.1 are vulnerable to a Command Injection vulnerability due to missing input validation in the product. | 7.5 |
| 2019-01-16 | CVE-2018-15782 | Path Traversal vulnerability in RSA Authentication Manager The Quick Setup component of RSA Authentication Manager versions prior to 8.4 is vulnerable to a relative path traversal vulnerability. | 7.2 |
| 2018-03-08 | CVE-2018-1182 | Improper Privilege Management vulnerability in multiple products An issue was discovered in EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels (hardware appliance and software bundle deployments only); RSA Via Lifecycle and Governance version 7.0, all patch levels (hardware appliance and software bundle deployments only); RSA Identity Management & Governance (RSA IMG) versions 6.9.0, 6.9.1, all patch levels (hardware appliance and software bundle deployments only). | 7.2 |
| 2017-11-29 | CVE-2017-14377 | Improper Authentication vulnerability in RSA Authentication Agent for web 8.0/8.0.1 EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and RSA Authentication Agent for Web: Apache Web Server version 8.0.1 prior to Build 618 have a security vulnerability that could potentially lead to authentication bypass. | 7.5 |
| 2015-12-23 | CVE-2015-6851 | Improper Access Control vulnerability in RSA Securid web Agent EMC RSA SecurID Web Agent before 8.0 allows physically proximate attackers to bypass the privacy-screen protection mechanism by leveraging an unattended workstation and running DOM Inspector. | 7.2 |
| 2015-10-12 | CVE-2015-4548 | Permissions, Privileges, and Access Controls vulnerability in RSA web Threat Detection EMC RSA Web Threat Detection before 5.1 SP1 allows local users to obtain root privileges by leveraging access to a service account and writing commands to a service configuration file. | 7.2 |