CVE-2020-7008

EPSS 1.9%CWE-23

VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow input passed in the URL that is not properly verified before use, which may allow an attacker to read arbitrary files from local resources.

Productos afectados

VISAM · VBASE Editor VISAM · VBASE Web-Remote Module

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.us-cert.gov/ics/advisories/icsa-20-084-01