Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
axway vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-14277
Axway SecureTransport 5.x up to and including 5.3 (or 5.x up to and including 5.5 with certain API configuration) is vulnerable to unauthenticated blind XML injection (and XXE) in the resetPassword functionality via the REST API. This vulnerability can lead to local file disclosu...
Axway Securetransport 5.3.0
Axway Securetransport 5.3.1
Axway Securetransport 5.3.3
Axway Securetransport 5.3.6
Axway Securetransport 5.2.1
5
CVSSv2
CVE-2012-6452
Axway Secure Messenger prior to 6.5 Updated Release 7, as used in Axway Email Firewall, provides different responses to authentication requests depending on whether the user exists, which allows remote malicious users to enumerate users via a series of requests.
Axway Email Firewall -
Axway Secure Messenger 6.3.2
Axway Secure Messenger
8.5
CVSSv2
CVE-2012-4991
Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and previous versions allow remote authenticated users to (1) read, (2) delete, or (3) create files, or (4) list directories, via a ..%5C (encoded dot dot backslash) in a URI.
Axway Securetransport
1 EDB exploit
6.8
CVSSv2
CVE-2013-7057
Cross-site request forgery (CSRF) vulnerability in Axway SecureTransport 5.1 SP2 and previous versions allows remote malicious users to hijack the authentication of unspecified users for requests that upload arbitrary files via a crafted request to api/v1.0/files/.
Axway Securetransport
1 EDB exploit
5
CVSSv2
CVE-2015-5606
Vordel XML Gateway (acquired by Axway) version 7.2.2 could allow remote malicious users to cause a denial of service via a specially crafted request.
Axway Vordel Xml Gateway 7.2.2
5
CVSSv2
CVE-2019-6500
In Axway File Transfer Direct 2.7.1, an unauthenticated Directory Traversal vulnerability can be exploited by issuing a specially crafted HTTP GET request with %2e instead of '.' characters, as demonstrated by an initial /h2hdocumentation//%2e%2e/ substring.
Axway File Tranfer Direct 2.7.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started