5 matches found
CVE-2023-42666
DexGate (DEXGate device from DEXMA) is affected by CVE-2023-42666, an exposure of sensitive information to an unauthorized actor vulnerability that can enable crafting malicious requests to obtain the web server version information. Public documentation in the connected sources identifies the aff...
CVE-2023-41088
CVE-2023-41088 affects DexGate/Dexma DexGate devices. The vulnerability is a cleartext transmission of sensitive information, allowing an attacker with network access to capture traffic between clients and the DexGate server, potentially exposing credentials or other sensitive data. Public detail...
CVE-2023-42435
CVE-2023-42435 describes a cross-site request forgery (CSRF) vulnerability in DexGate (DEXGate) from DEXMA. Public documents identify the affected product as DexGate, specifically version 20130114, with the CSRF flaw enabling an attacker to perform actions in the context of a victim user. No conc...
CVE-2023-41089
CVE-2023-41089 affects DEXGate (DEXGate version 20130114). The vulnerability is improper authentication that can allow an attacker to impersonate a legitimate user while a session remains active, by exploiting the cookie header to generate legitimate requests. CVSS v3 base score 8.0 (ATT&CK conte...
CVE-2023-40153
CVE-2023-40153 affects DEXMA DexGate (DEXGate 20130114). The Red Hat advisory and multiple sources describe a cross-site scripting (XSS) vulnerability in the hostname parameter of the vulnerable software, enabling arbitrary JavaScript execution within the web application. Public references also i...