Visam: >> Vbase >> 11.7.0.2 Security Vulnerabilities
Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.
CVSS Score
5.5
EPSS Score
0.046
Published
2023-04-26
When logging in to a VBASE runtime project via Web-Remote, the product uses XOR with a static initial key to obfuscate login messages. An unauthenticated remote attacker with the ability to capture a login session can obtain the login credentials.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-09-16