CVE-2018-1252
- EPSS 0.68%
- Veröffentlicht 05.06.2018 12:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:28
RSA Web Threat Detection versions prior to 6.4, contain an SQL injection vulnerability in the Administration and Forensics applications. An authenticated malicious user with low privileges could potentially exploit this vulnerability to execute SQL c...
CVE-2016-0919
- EPSS 0.47%
- Veröffentlicht 03.02.2017 07:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
EMC RSA Web Threat Detection version 5.0, RSA Web Threat Detection version 5.1, RSA Web Threat Detection version 5.1.2 has a cross site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system.
CVE-2015-4548
- EPSS 0.08%
- Veröffentlicht 12.10.2015 01:59:19
- Zuletzt bearbeitet 12.04.2025 10:46:40
EMC RSA Web Threat Detection before 5.1 SP1 allows local users to obtain root privileges by leveraging access to a service account and writing commands to a service configuration file.
- EPSS 0.51%
- Veröffentlicht 12.10.2015 01:59:18
- Zuletzt bearbeitet 12.04.2025 10:46:40
EMC RSA Web Threat Detection before 5.1 SP1 stores a cleartext AnnoDB password in a configuration file, which allows remote authenticated users to obtain sensitive information by reading this file.
CVE-2015-0541
- EPSS 0.13%
- Veröffentlicht 05.06.2015 10:59:01
- Zuletzt bearbeitet 12.04.2025 10:46:40
Cross-site request forgery (CSRF) vulnerability in EMC RSA Web Threat Detection before 5.1 allows remote attackers to hijack the authentication of arbitrary users.
CVE-2014-4627
- EPSS 1.31%
- Veröffentlicht 07.11.2014 11:55:03
- Zuletzt bearbeitet 12.04.2025 10:46:40
SQL injection vulnerability in EMC RSA Web Threat Detection 4.x before 4.6.1.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.