CVE-2020-7008

VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow input passed in the URL that is not properly verified before use, which may allow an attacker to read arbitrary files from local resources.
References
Link Resource
https://www.us-cert.gov/ics/advisories/icsa-20-084-01 Mitigation Third Party Advisory US Government Resource
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:visam:vbase_editor:11.5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:visam:vbase_web-remote:-:*:*:*:*:*:*:*

Information

Published : 2020-04-03 11:15

Updated : 2020-04-06 07:54


NVD link : CVE-2020-7008

Mitre link : CVE-2020-7008


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

visam

  • vbase_web-remote
  • vbase_editor