Web Threat Detection Security Vulnerabilities and Issues — Web Threat Detection CVE List

Lucene search

RsaWeb Threat Detection

6 matches found

cve•added 2018/06/05 12:29 p.m.•58 views

CVE-2018-1252

RSA Web Threat Detection versions prior to 6.4, contain an SQL injection vulnerability in the Administration and Forensics applications. An authenticated malicious user with low privileges could potentially exploit this vulnerability to execute SQL commands on the back-end database to gain unauthor...

8.8CVSS9AI score0.00805EPSS

cve•added 2015/06/05 10:59 a.m.•48 views

CVE-2015-0541

Cross-site request forgery (CSRF) vulnerability in EMC RSA Web Threat Detection before 5.1 allows remote attackers to hijack the authentication of arbitrary users.

6.8CVSS7.4AI score0.00134EPSS

cve•added 2017/02/03 7:59 a.m.•39 views

CVE-2016-0919

EMC RSA Web Threat Detection version 5.0, RSA Web Threat Detection version 5.1, RSA Web Threat Detection version 5.1.2 has a cross site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system.

6.1CVSS6AI score0.00465EPSS

cve•added 2014/11/07 11:55 a.m.•36 views

CVE-2014-4627

SQL injection vulnerability in EMC RSA Web Threat Detection 4.x before 4.6.1.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

8.8CVSS8.6AI score0.0131EPSS

cve•added 2015/10/12 1:59 a.m.•30 views

CVE-2015-4547

EMC RSA Web Threat Detection before 5.1 SP1 stores a cleartext AnnoDB password in a configuration file, which allows remote authenticated users to obtain sensitive information by reading this file.

4CVSS6AI score0.00513EPSS

cve•added 2015/10/12 1:59 a.m.•30 views

CVE-2015-4548

EMC RSA Web Threat Detection before 5.1 SP1 allows local users to obtain root privileges by leveraging access to a service account and writing commands to a service configuration file.

7.2CVSS6.6AI score0.00078EPSS