Computer Security
[EN] securityvulns.ru no-pyccku


EMC RSA Data Protection Manager security vulnerabilities
Published:14.11.2012
Source:
SecurityVulns ID:12712
Type:remote
Threat Level:
5/10
Description:Crossite scripting, restrictions bypass.
Affected:EMC : RSA Data Protection Manager 3.2
CVE:CVE-2012-4613 (EMC RSA Data Protection Manager Appliance 2.7.x and 3.x before 3.2.1 does not properly restrict the number of authentication attempts by a user account, which makes it easier for local users to bypass intended access restrictions via a brute-force attack.)
 CVE-2012-4612 (Cross-site scripting (XSS) vulnerability in EMC RSA Data Protection Manager Appliance and Software Server 2.7.x and 3.x before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Original documentdocumentEMC, ESA-2012-055: RSA® Data Protection Manager Multiple Vulnerabilities (14.11.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod