CVE-2022-3217
CVE-2022-3217
When logging in to a VBASE runtime project via Web-Remote, the product uses XOR with a static initial key to obfuscate login messages. An unauthenticated remote attacker with the ability to capture a login session can obtain the login credentials.
Affected products
n/a · VISAM VBASEWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →