Securetransport Security Vulnerabilities and Issues — Securetransport CVE List

Lucene search

AxwaySecuretransport

3 matches found

CVE•added 2019/07/26 4:15 a.m.•290 views

CVE-2019-14277

Axway SecureTransport 5.x through 5.3 (or 5.x through 5.5 with certain API configuration) is vulnerable to unauthenticated blind XML injection (and XXE) in the resetPassword functionality via the REST API. This vulnerability can lead to local file disclosure, DoS, or URI invocation attacks (i.e., S...

9.8CVSS9.4AI score0.12517EPSS

CVE•added 2012/12/13 11:53 a.m.•47 views

CVE-2012-4991

Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authenticated users to (1) read, (2) delete, or (3) create files, or (4) list directories, via a ..%5C (encoded dot dot backslash) in a URI.

8.5CVSS6.5AI score0.04141EPSS

CVE•added 2014/11/04 3:55 p.m.•43 views

CVE-2013-7057

Cross-site request forgery (CSRF) vulnerability in Axway SecureTransport 5.1 SP2 and earlier allows remote attackers to hijack the authentication of unspecified users for requests that upload arbitrary files via a crafted request to api/v1.0/files/.

6.8CVSS7.3AI score0.00414EPSS