DS3 : Security Vulnerabilities, CVEs,
ServerAdmin/ErrorViewer.jsp in DS3 Authentication Server allow remote attackers to inject arbitrary error-page text via the message parameter.
Max CVSS
5.0
EPSS Score
0.15%
Published
2013-06-28
Updated
2013-07-01
ServerAdmin/TestDRConnection.jsp in DS3 Authentication Server allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in a -REG-E-OPEN error message.
Max CVSS
5.0
EPSS Score
0.23%
Published
2013-06-28
Updated
2013-07-01
ServerAdmin/TestTelnetConnection.jsp in DS3 Authentication Server allows remote authenticated users to execute arbitrary commands via shell metacharacters in the HOST_NAME field.
Max CVSS
9.0
EPSS Score
0.12%
Published
2013-06-28
Updated
2013-07-01
3 vulnerabilities found