CVE-2019-9157

MEDIUM

Gemalto DS3 Authentication Server < 3.1.0 - Local File Disclosure via Path Traversal

Title source: llm
STIX 2.1

Description

Gemalto DS3 Authentication Server 2.6.1-SP01 allows Local File Disclosure.

References (2)

Core 2
Core References
Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2019/May/6

Scores

CVSS v3 5.7
EPSS 0.0072
EPSS Percentile 49.4%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-22
Status published
Products (1)
gemalto/ezio_ds3_server < 3.1.0
Published Jun 05, 2019
Tracked Since Feb 18, 2026