Lucene search
K
VisamVbase Web-remote

8 matches found

CVE
CVE
added 2020/04/03 5:44 p.m.120 views

CVE-2020-7008

CVE-2020-7008 affects VISAM VBASE Editor 11.5.0.2 and VBASE Web-Remote Module. A path traversal vulnerability lets an attacker supply unverified URL input to read arbitrary local files. Red Hat and CVE records confirm the issue and ICS/CISA advisories reference the same affected products. Mitigat...

7.5CVSS7.3AI score0.0186EPSS
CVE
CVE
added 2022/07/27 8:20 p.m.119 views

CVE-2021-42537

CVE-2021-42537 affects VISAM VBASE Editor (and VBASE 11.6.0.6) where processing XML documents can embed external-entity references, leading to output containing incorrect documents. The issue is tied to improper restriction of XML external entity references (CWE-611) in VISAM VBASE Editor 11.6.0....

7.5CVSS6.7AI score0.00433EPSS
CVE
CVE
added 2020/04/03 5:44 p.m.108 views

CVE-2020-10601

CVE-2020-10601 affects VISAM VBASE Editor (11.5.0.2) and VBASE Web-Remote Module. The root cause is a weak hashing algorithm and insecure permissions, enabling a local attacker to bypass the password‑protected mechanism via brute-force or by overwriting the password hash. Impact is local, allowin...

7.8CVSS7.5AI score0.00251EPSS
CVE
CVE
added 2020/04/03 5:51 p.m.105 views

CVE-2020-10599

Summary: CVE-2020-10599 affects VISAM VBASE Editor 11.5.0.2 and VBASE Web-Remote Module, where a vulnerable ActiveX component enables a stack-based buffer overflow leading to denial of service and arbitrary code execution. Red Hat and NVD entries corroborate the same issue. The ics advisory confi...

9.8CVSS9.5AI score0.02515EPSS
CVE
CVE
added 2020/04/03 5:50 p.m.104 views

CVE-2020-7000

CVE-2020-7000 affects VISAM VBASE Editor v11.5.0.2 and VBASE Web-Remote Module. The vulnerability allows an unauthenticated attacker to obtain the web server’s cryptographic key and information about the login and encryption/decryption mechanism, enabling bypass of authentication for the HTML5 HM...

7.5CVSS7.8AI score0.01089EPSS
CVE
CVE
added 2020/04/03 5:44 p.m.100 views

CVE-2020-7004

CVE-2020-7004 affects VISAM VBASE Editor v11.5.0.2 and VBASE Web-Remote Module. The issue is weak or insecure permissions on the VBASE directory, enabling elevation of privileges when a privileged user runs the application. Public sources in the connected documents confirm this vulnerability and ...

8.8CVSS8.5AI score0.00372EPSS
CVE
CVE
added 2022/07/27 8:21 p.m.82 views

CVE-2021-42535

CVE-2021-42535 affects VISAM VBASE Editor (Web Remote) on version 11.6.0.6, where user-controllable input is not properly neutralized before being emitted into public-facing webpages (Cross-Site Scripting). Connected sources confirm the affected product and root cause; remediation guidance from I...

6.1CVSS6.1AI score0.00401EPSS
CVE
CVE
added 2022/07/27 8:20 p.m.75 views

CVE-2021-38417

CVE-2021-38417 affects VISAM VBASE Editor (WEB REMOTE) 11.6.0.6, where improper access control via the web-remote endpoint may allow an unauthenticated user to view folders/files in a directory listing. Public sources consistently describe this vulnerability as an improper access control issue (C...

7.5CVSS7.7AI score0.00668EPSS