GCVE - cpe:2.3:a:rsa:web_threat_detection:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:rsa:web_threat_detection:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Rsa (`6c9430aa-ac8c-5ac3-900a-ccfffd5a25d5`)
Product	Web Threat Detection (`f825f311-9480-505f-83a9-43f43776ae36`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2018-1252`	vulnerable	2026-06-03 14:38:30.617440	RSA Web Threat Detection SQL Injection Vulnerability RSA Web Threat Detection versions prior to 6.4, contain an SQL injection vulnerability in the Administration and Forensics applications. An authenticated malicious user with low privileges could potentially exploit this vulnerability to execute SQL commands on the back-end database to gain unauthorized access to the tool's monitoring and user information by supplying specially crafted input data to the affected application. Published: 2018-06-05T12:00:00.000Z Updated: 2024-09-17T03:32:36.574Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id/1041026 http://www.securityfocus.com/bid/104396 http://seclists.org/fulldisclosure/2018/Jun/4	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-4548`	vulnerable	2026-06-03 14:34:52.175528	Details available EMC RSA Web Threat Detection before 5.1 SP1 allows local users to obtain root privileges by leveraging access to a service account and writing commands to a service configuration file. Published: 2015-10-12T01:00:00.000Z Updated: 2024-08-06T06:18:11.927Z Open on db.gcve.eu Reference links http://seclists.org/bugtraq/2015/Sep/134 http://packetstormsecurity.com/files/133779/RSA-Web-Threat-Detection-Privilege-Escalation-Information-Disclosure.html http://www.securitytracker.com/id/1033672	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-4547`	vulnerable	2026-06-03 14:34:52.175150	Details available EMC RSA Web Threat Detection before 5.1 SP1 stores a cleartext AnnoDB password in a configuration file, which allows remote authenticated users to obtain sensitive information by reading this file. Published: 2015-10-12T01:00:00.000Z Updated: 2024-08-06T06:18:11.958Z Open on db.gcve.eu Reference links http://seclists.org/bugtraq/2015/Sep/134 http://packetstormsecurity.com/files/133779/RSA-Web-Threat-Detection-Privilege-Escalation-Information-Disclosure.html http://www.securitytracker.com/id/1033672	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-0541`	vulnerable	2026-06-03 14:34:35.674877	Details available Cross-site request forgery (CSRF) vulnerability in EMC RSA Web Threat Detection before 5.1 allows remote attackers to hijack the authentication of arbitrary users. Published: 2015-06-05T10:00:00.000Z Updated: 2024-08-06T04:10:11.047Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id/1032477 http://seclists.org/bugtraq/2015/Jun/18	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-4627`	vulnerable	2026-06-03 14:34:03.892025	Details available SQL injection vulnerability in EMC RSA Web Threat Detection 4.x before 4.6.1.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Published: 2014-11-07T11:00:00.000Z Updated: 2024-08-06T11:20:26.891Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/98523 http://archives.neohapsis.com/archives/bugtraq/2014-11/0028.html http://www.securityfocus.com/bid/70955 http://www.securitytracker.com/id/1031172 http://packetstormsecurity.com/files/128986/RSA-Web-Threat-Detection-SQL-Injection.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.