Vulnerabilities > DS3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-06-28 | CVE-2013-4098 | Improper Input Validation vulnerability in DS3 Authentication Server ServerAdmin/ErrorViewer.jsp in DS3 Authentication Server allow remote attackers to inject arbitrary error-page text via the message parameter. | 5.0 |
2013-06-28 | CVE-2013-4097 | Path Traversal vulnerability in DS3 Authentication Server ServerAdmin/TestDRConnection.jsp in DS3 Authentication Server allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in a -REG-E-OPEN error message. | 5.0 |
2013-06-28 | CVE-2013-4096 | Improper Input Validation vulnerability in DS3 Authentication Server ServerAdmin/TestTelnetConnection.jsp in DS3 Authentication Server allows remote authenticated users to execute arbitrary commands via shell metacharacters in the HOST_NAME field. | 9.0 |