VYPR

RSA Web Threat Detection

by EMC Corporation

CVEs (5)

  • CVE-2014-4627HigNov 7, 2014
    risk 0.57cvss 8.8epss 0.02

    SQL injection vulnerability in EMC RSA Web Threat Detection 4.x before 4.6.1.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2016-0919MedFeb 3, 2017
    risk 0.40cvss 6.1epss 0.01

    EMC RSA Web Threat Detection version 5.0, RSA Web Threat Detection version 5.1, RSA Web Threat Detection version 5.1.2 has a cross site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system.

  • CVE-2015-4548Oct 12, 2015
    risk 0.00cvss epss 0.01

    EMC RSA Web Threat Detection before 5.1 SP1 allows local users to obtain root privileges by leveraging access to a service account and writing commands to a service configuration file.

  • CVE-2015-4547Oct 12, 2015
    risk 0.00cvss epss 0.02

    EMC RSA Web Threat Detection before 5.1 SP1 stores a cleartext AnnoDB password in a configuration file, which allows remote authenticated users to obtain sensitive information by reading this file.

  • CVE-2015-0541Jun 5, 2015
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in EMC RSA Web Threat Detection before 5.1 allows remote attackers to hijack the authentication of arbitrary users.