Cogent Datahub Security Vulnerabilities and Issues — Cogent Datahub CVE List

Lucene search

CogentdatahubCogent Datahub

6 matches found

CVE•added 2011/09/16 5:26 p.m.•44 views

CVE-2011-3500

Directory traversal vulnerability in the web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in an HTTP request.

5CVSS6.9AI score0.00111EPSS

CVE•added 2013/04/05 9:55 p.m.•43 views

CVE-2013-0681

Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed data in a formatted text ...

5CVSS6.8AI score0.00455EPSS

CVE•added 2011/09/16 5:26 p.m.•38 views

CVE-2011-3502

The web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to obtain the source code of executable files via a request with a trailing (1) space or (2) %2e (encoded dot).

5CVSS7AI score0.08294EPSS

CVE•added 2012/01/13 4:14 a.m.•36 views

CVE-2012-0310

CRLF injection vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20 and earlier, and OPC DataHub 6.4.20 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

5.8CVSS7AI score0.01087EPSS

CVE•added 2014/05/30 11:55 p.m.•36 views

CVE-2014-2354

Cogent DataHub before 7.3.5 does not use a salt during password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.

5CVSS6.7AI score0.0027EPSS

CVE•added 2011/09/16 5:26 p.m.•32 views

CVE-2011-3501

Integer overflow in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to cause a denial of service (crash) via a negative or large Content-Length value.

5CVSS7AI score0.15491EPSS