Envision

envision

Vendor: Rsa • 11 CVEs

CVEs (11)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-0403 1Rsa 1Envision Apr 29, 2026 Mar 20, 2012 N/A· v4 N/A· v3 6.3 MEDIUM· v2 Directory traversal vulnerability in EMC RSA enVision 4.x before 4.1 Patch 4 allows remote authenticated users to have an unspecified impact via unknown vectors.
CVE-2012-0402 1Rsa 1Envision Apr 29, 2026 Mar 20, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 EMC RSA enVision 4.x before 4.1 Patch 4 uses unspecified hardcoded credentials, which makes it easier for remote attackers to obtain access via unknown vectors.
CVE-2012-0401 1Rsa 1Envision Apr 29, 2026 Mar 20, 2012 N/A· v4 N/A· v3 6.5 MEDIUM· v2 Multiple SQL injection vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-0400 1Rsa 1Envision Apr 29, 2026 Mar 20, 2012 N/A· v4 N/A· v3 7.9 HIGH· v2 EMC RSA enVision 4.x before 4.1 Patch 4 does not properly restrict the number of failed authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVE-2012-0399 1Rsa 1Envision Apr 29, 2026 Mar 20, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-4143 1Rsa 1Envision Apr 29, 2026 Jan 27, 2012 N/A· v4 N/A· v3 5.0 MEDIUM· v2 EMC RSA enVision 4.0 before SP4 P5 and 4.1 before P3 allows remote attackers to obtain sensitive information about environment variables in the web system via unspecified vectors.
CVE-2011-2737 1Rsa 1Envision Apr 29, 2026 Aug 25, 2011 N/A· v4 N/A· v3 5.0 MEDIUM· v2 RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote attackers to read arbitrary files via unspecified vectors, related to an "arbitrary file retrieval vulnerability."
CVE-2011-2736 1Rsa 1Envision Apr 29, 2026 Aug 25, 2011 N/A· v4 N/A· v3 5.0 MEDIUM· v2 RSA enVision 4.x before 4 SP4 P3 places cleartext administrative credentials in Task Escalation e-mail messages, which allows remote attackers to obtain sensitive information by sniffing the network or leveraging access...Show more RSA enVision 4.x before 4 SP4 P3 places cleartext administrative credentials in Task Escalation e-mail messages, which allows remote attackers to obtain sensitive information by sniffing the network or leveraging access to a recipient mailbox.Show less
CVE-2010-2634 1Rsa 1Envision Apr 29, 2026 Aug 10, 2010 N/A· v4 N/A· v3 4.0 MEDIUM· v2 RSA enVision before 3.7 SP1 allows remote authenticated users to cause a denial of service via unspecified vectors.
CVE-2008-6886 1Rsa 1Envision Apr 23, 2026 Aug 3, 2009 N/A· v4 N/A· v3 5.0 MEDIUM· v2 RSA EnVision 3.5.0, 3.5.1, 3.5.2, and 3.7.0 does not properly restrict access to unspecified user profile functionality, which allows remote attackers to obtain the administrator password hash and conduct brute force gue...Show more RSA EnVision 3.5.0, 3.5.1, 3.5.2, and 3.7.0 does not properly restrict access to unspecified user profile functionality, which allows remote attackers to obtain the administrator password hash and conduct brute force guessing attacks.Show less
CVE-2007-4900 1Rsa 1Envision Apr 23, 2026 Sep 14, 2007 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the logon page in RSA EnVision 3.3.6 Build 0115 allows remote attackers to inject arbitrary web script or HTML via the username field.