Vulnerabilities > RSA > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-28 | CVE-2018-11073 | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager versions prior to 8.3 P3 contain a stored cross-site scripting vulnerability in the Operations Console. | 4.8 |
| 2018-08-24 | CVE-2018-11065 | SQL Injection vulnerability in RSA Archer 6.1.0.0 The WorkPoint component, which is embedded in all RSA Archer, versions 6.1.x, 6.2.x, 6.3.x prior to 6.3.0.7 and 6.4.x prior to 6.4.0.1, contains a SQL injection vulnerability. | 4.3 |
| 2018-07-24 | CVE-2018-11059 | Cross-site Scripting vulnerability in RSA Archer 6.1.0.0/6.4.0.0 RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. | 5.4 |
| 2018-05-08 | CVE-2018-1248 | Open Redirect vulnerability in RSA Authentication Manager RSA Authentication Manager Security Console, Operation Console and Self-Service Console, version 8.3 and earlier, is affected by a Host header injection vulnerability. | 6.1 |
| 2018-03-30 | CVE-2018-1234 | Information Exposure vulnerability in RSA Authentication Agent for web 8.0/8.0.1 RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access control list (ACL) permissions on a Windows Named Pipe were not sufficient to prevent access by unauthorized users. | 5.5 |
| 2018-03-30 | CVE-2018-1233 | Cross-site Scripting vulnerability in RSA Authentication Agent for web 8.0/8.0.1 RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. | 6.1 |
| 2017-10-11 | CVE-2017-14372 | Cross-site Scripting vulnerability in RSA Archer GRC Platform RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting vulnerabilities via certain RSA Archer Help pages. | 6.1 |
| 2017-10-11 | CVE-2017-14371 | Cross-site Scripting vulnerability in RSA Archer GRC Platform RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting via the request URL. | 6.1 |
| 2017-10-11 | CVE-2017-14370 | Cross-site Scripting vulnerability in RSA Archer GRC Platform RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Source Asset ID field. | 5.4 |
| 2017-10-11 | CVE-2017-14369 | Unspecified vulnerability in RSA Archer GRC Platform RSA Archer GRC Platform prior to 6.2.0.5 is affected by a privilege escalation vulnerability. | 4.3 |