Cogent Datahub vulnerabilities
3 known vulnerabilities affecting cogent/datahub.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2014-2352P4MEDIUMCVSS 6.4fixed in 7.3.52014-05-30
CVE-2014-2352 [MEDIUM] CWE-22 CVE-2014-2352: The directory specifier can include designators that can be used to traverse the directory path. Ex
The directory specifier can include designators that can be used to
traverse the directory path. Exploiting this vulnerability may enable an
attacker to access a limited number of hardcoded file types. Further
exploitation of this vulnerability may allow an attacker to cause the
web server component to enter a denial-of-service condition.
nvd
CVE-2014-2354P4MEDIUMCVSS 5.0fixed in 7.3.52014-05-30
CVE-2014-2354 [MEDIUM] CWE-916 CVE-2014-2354: Cogent DataHub before 7.3.5 does not use a salt during password hashing, which makes it easier for c
Cogent DataHub before 7.3.5 does not use a salt during password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.
nvd
CVE-2014-2353P4MEDIUMCVSS 4.3fixed in 7.3.52014-05-30
CVE-2014-2353 [MEDIUM] CWE-80 CVE-2014-2353: Cross-site scripting (XSS) vulnerability in Cogent DataHub before 7.3.5 allows remote attackers to i
Cross-site scripting (XSS) vulnerability in Cogent DataHub before 7.3.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd