6 matches found
CVE-2022-46300
CVE-2022-46300 affects VISAM VBASE Automation Base prior to 11.7.5. Root cause: improper restriction of XML External Entity references (XXE) in GestureConfigurations/XML parsing. Impact: potential information disclosure with user opening a crafted file (local attack surface; confidentiality impac...
CVE-2022-43512
VBASE Automation Base (VISAM) is affected pre-11.7.5 by CVE-2022-43512 due to improper restriction of XML External Entity references in DBConnections XML parsing. This can disclose information when a valid user opens a specially crafted file; exploitation requires user interaction and is not remo...
CVE-2022-41696
VBASE VISAM Automation Base (VBASE) versions prior to 11.7.5 are affected by an XML External Entity (XXE) processing flaw in the FB.XML file parsing, leading to information disclosure when a valid user opens a specially crafted file. Impact is information disclosure with CVSS v3.1 base score 5.5 ...
CVE-2022-45121
CVE-2022-45121 affects VISAM VBASE Automation Base prior to 11.7.5. The issue is an improper restriction of XML External Entity references (XXE) in the FB.XML/file parsing, leading to information disclosure when a valid user opens a crafted file. Affected product: VBASE Automation Base. Root caus...
CVE-2022-46286
CVE-2022-46286 affects VISAM VBASE Automation Base prior to 11.7.5. The vulnerability stems from improper restriction of XML External Entity (XXE) references in the VBASE Editor/WebRemote/XML parsing, allowing information disclosure when a legitimate user opens a specially crafted file. Impact is...
CVE-2022-45468
CVE-2022-45468 affects VISAM VBASE Automation Base prior to 11.7.5. The vulnerability arises from improper restriction of XML External Entity (XXE) processing in the VBASE Editor/parse flow, allowing a valid user to disclose information by opening a specially crafted file. Impact is information d...