Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Very High

CVE-2017-6528

Disclosure Date: March 09, 2017 (last updated October 05, 2023)
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password storage (the /home/dna/spool/.pfile file).
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
1
Attacker Value
Moderate

CVE-2017-6527

Disclosure Date: March 09, 2017 (last updated October 05, 2023)
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user (by using the viewAppletFsa.cgi seqID parameter).
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
1