CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-0947 – RSA Authentication Manager 8.0 Injection / Disclosure
https://notcve.org/view.php?id=CVE-2013-0947
29 May 2013 — EMC RSA Authentication Manager 8.0 before P1 allows local users to discover cleartext operating-system passwords, HTTP plug-in proxy passwords, and SNMP communities by reading a (1) log file or (2) configuration file. EMC RSA Authentication Manager v8.0 anteriores a P1 permite que usuarios locales accedan en texto claro a contraseñas del sistema operativo, contraseñas del plugin para proxy HTTP, y comunidades SNMP mediante la lectura de (1) un fichero log o (2) un fichero de configuración. RSA Authenticatio... • http://archives.neohapsis.com/archives/bugtraq/2013-05/0115.html • CWE-255: Credentials Management Errors •
CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 0CVE-2012-2278
https://notcve.org/view.php?id=CVE-2012-2278
13 Jul 2012 — Multiple cross-site scripting (XSS) vulnerabilities in the (1) Self-Service Console and (2) Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en (1) Self-Service Console y (2) Security Console en EMC RSA Authentication Manager v7.1 anterior a SP4 P14 y RSA SecurID Appl... • http://archives.neohapsis.com/archives/bugtraq/2012-07/0064.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 12EXPL: 0CVE-2012-2279
https://notcve.org/view.php?id=CVE-2012-2279
13 Jul 2012 — Open redirect vulnerability in the Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Vulnerabilidad de redirección abierta ("open redirect") en el Security Console en EMC RSA Authentication Manager v7.1 anterior a SP4 P14 y RSA SecurID Appliance v3.0 anterior a SP4 P14 permite a atacantes remotos redirigir a los usuarios a sit... • http://archives.neohapsis.com/archives/bugtraq/2012-07/0064.html • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 0CVE-2012-2280
https://notcve.org/view.php?id=CVE-2012-2280
13 Jul 2012 — EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 do not properly use frames, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "Cross frame scripting vulnerability." EMC RSA Authentication Manager v7.1 anterior a SP4 y RSA SecurID Appliance v3.0 anterior a SP4 P14 no utiliza correctamente los marco (frames), permitiendo a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no ... • http://archives.neohapsis.com/archives/bugtraq/2012-07/0064.html •