Lucene search
K
RsaWeb Threat Detection

6 matches found

CVE
CVE
added 2018/06/05 12:0 p.m.70 views

CVE-2018-1252

CVE-2018-1252 affects RSA Web Threat Detection versions prior to 6.4, where an SQL injection vulnerability exists in the Administration and Forensics applications. An authenticated attacker with low privileges could supply specially crafted input to exploit this flaw and execute SQL commands on t...

8.8CVSS9AI score0.01997EPSS
CVE
CVE
added 2015/06/05 10:0 a.m.60 views

CVE-2015-0541

The CVE-2015-0541 issue affects RSA Web Threat Detection (RSA WTD) prior to version 5.1. It is a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to hijack the authenticated state of a user by tricking them into clicking crafted links or visiting malicious sites. The r...

6.8CVSS7.4AI score0.00953EPSS
CVE
CVE
added 2017/02/03 7:24 a.m.53 views

CVE-2016-0919

CVE-2016-0919 concerns a cross-site scripting vulnerability in EMC RSA Web Threat Detection, affecting versions 5.0, 5.1, and 5.1.2. The connected sources consistently state that the issue is a cross-site scripting flaw that could allow a malicious actor to compromise the affected system; however...

6.1CVSS6AI score0.01368EPSS
CVE
CVE
added 2014/11/07 11:0 a.m.50 views

CVE-2014-4627

CVE-2014-4627 affects EMC RSA Web Threat Detection 4.x prior to version 4.6.1.1. The vulnerability is an SQL injection in the RSA Web Threat Detection component that can be triggered by an authenticated remote user via unspecified vectors, potentially allowing the attacker to access, modify, or d...

8.8CVSS8.6AI score0.02254EPSS
CVE
CVE
added 2015/10/12 1:0 a.m.43 views

CVE-2015-4547

CVE-2015-4547 affects RSA Web Threat Detection before 5.1 SP1. The vulnerability is that the AnnoDB password is stored in cleartext in a system configuration file, enabling remote authenticated users to read the file and obtain the password. Impact is information disclosure that could enable data...

4CVSS6AI score0.02082EPSS
CVE
CVE
added 2015/10/12 1:0 a.m.42 views

CVE-2015-4548

RSA Web Threat Detection before 5.1 SP1 is affected by CVE-2015-4548, a local privilege-escalation flaw where a user with a service account can inject commands into a service configuration file to obtain root privileges. The issue stems from writing to the configuration file, enabling local explo...

7.2CVSS6.6AI score0.00519EPSS