envision

Vendor: ironmountain

Actively Exploited (CISA KEV List): 0
PoC / Exploits (Code Available): 0
Total RCEs (Remote Access): 1
Total CVEs (Total Indexed): 3
Avg. EPSS (Exploit Prob.): 0.46%
Latest CVE: CVE-2025-9588 (Sep 23)

Security Vulnerability Index

10.0 CVSS

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Iron Mountain Archiving Services Inc. EnVision allows Command Injection. This issue affects enVision: before 250563.

EPSS: 0.40%

6.3 CVSS

Directory traversal vulnerability in EMC RSA enVision 4.x before 4.1 Patch 4 allows remote authenticated users to have an unspecified impact via unknown vectors.

EPSS: 0.33%

9.3 CVSS

EMC RSA enVision 4.x before 4.1 Patch 4 uses unspecified hardcoded credentials, which makes it easier for remote attackers to obtain access via unknown vectors.

EPSS: 0.88%

6.5 CVSS

Multiple SQL injection vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

EPSS: 0.39%

7.9 CVSS

EMC RSA enVision 4.x before 4.1 Patch 4 does not properly restrict the number of failed authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.

EPSS: 0.96%

4.3 CVSS

Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

EPSS: 0.33%

5.0 CVSS

EMC RSA enVision 4.0 before SP4 P5 and 4.1 before P3 allows remote attackers to obtain sensitive information about environment variables in the web system via unspecified vectors.

EPSS: 0.23%

5.0 CVSS

RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote attackers to read arbitrary files via unspecified vectors, related to an "arbitrary file retrieval vulnerability."

EPSS: 0.28%

5.0 CVSS

RSA enVision 4.x before 4 SP4 P3 places cleartext administrative credentials in Task Escalation e-mail messages, which allows remote attackers to obtain sensitive information by sniffing the network or leveraging access to a recipient mailbox.

EPSS: 0.28%

4.0 CVSS

RSA enVision before 3.7 SP1 allows remote authenticated users to cause a denial of service via unspecified vectors.

EPSS: 0.40%