3 matches found
CVE-2019-18574
RSA Authentication Manager versions prior to 8.4 Patch 8 (8.4.0.8) are affected by a stored cross-site scripting vulnerability in the Security Console. An authenticated Security Console administrator can store arbitrary HTML/JavaScript through the web interface, which may be included in a report ...
CVE-2019-3711
RSA Authentication Manager versions prior to 8.4 P1 have an insecure credential management vulnerability in the Operations Console that may allow an authenticated administrator to obtain the value of a domain password previously set by another administrator and use it for attacks. Root cause: ins...
CVE-2018-15782
The CVE-2018-15782 entry affects EMC RSA Authentication Manager prior to version 8.4, where the Quick Setup component is vulnerable to a relative path traversal. A local attacker could use a crafted license during initial quick setup to obtain unauthorized access to the system. Data from the init...