Vulnerabilities > RSA > WEB Threat Detection > 4.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-10-12 | CVE-2015-4548 | Permissions, Privileges, and Access Controls vulnerability in RSA web Threat Detection EMC RSA Web Threat Detection before 5.1 SP1 allows local users to obtain root privileges by leveraging access to a service account and writing commands to a service configuration file. | 7.2 |
2015-10-12 | CVE-2015-4547 | Information Exposure vulnerability in RSA web Threat Detection EMC RSA Web Threat Detection before 5.1 SP1 stores a cleartext AnnoDB password in a configuration file, which allows remote authenticated users to obtain sensitive information by reading this file. | 4.0 |
2015-06-05 | CVE-2015-0541 | Cross-Site Request Forgery (CSRF) vulnerability in RSA web Threat Detection Cross-site request forgery (CSRF) vulnerability in EMC RSA Web Threat Detection before 5.1 allows remote attackers to hijack the authentication of arbitrary users. | 6.8 |
2014-11-07 | CVE-2014-4627 | SQL Injection vulnerability in RSA web Threat Detection SQL injection vulnerability in EMC RSA Web Threat Detection 4.x before 4.6.1.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |