Vulnerabilities > RSA > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-04 | CVE-2020-5336 | Injection vulnerability in RSA Archer RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL injection vulnerability. | 6.1 |
| 2020-05-04 | CVE-2020-5334 | Cross-site Scripting vulnerability in RSA Archer RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contains a Document Object Model (DOM) based cross-site scripting vulnerability. | 6.1 |
| 2020-05-04 | CVE-2020-5333 | Incorrect Authorization vulnerability in RSA Archer RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an authorization bypass vulnerability in the REST API. | 4.3 |
| 2020-05-04 | CVE-2020-5331 | Information Exposure vulnerability in RSA Archer RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information exposure vulnerability. | 5.5 |
| 2019-12-03 | CVE-2019-18574 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the Security Console. | 4.8 |
| 2019-09-18 | CVE-2019-3756 | Information Exposure vulnerability in RSA Archer RSA Archer, versions prior to 6.6 P3 (6.6.0.3), contain an information disclosure vulnerability. | 6.5 |
| 2019-03-13 | CVE-2019-3715 | Information Exposure Through Log Files vulnerability in RSA Archer GRC Platform RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. | 5.5 |
| 2019-01-03 | CVE-2018-15780 | Unspecified vulnerability in RSA Archer GRC Platform RSA Archer versions prior to 6.5.0.1 contain an improper access control vulnerability. | 6.5 |
| 2018-09-28 | CVE-2018-11075 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager versions prior to 8.3 P3 contain a reflected cross-site scripting vulnerability in a Security Console page. | 4.7 |
| 2018-09-28 | CVE-2018-11074 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager versions prior to 8.3 P3 are affected by a DOM-based cross-site scripting vulnerability which exists in its embedded MadCap Flare Help files. | 6.1 |