Vulnerabilities > Visam
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-26 | CVE-2022-45876 | XXE vulnerability in Visam Vbase 11.7.0.2 Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file. | 5.5 |
| 2023-03-21 | CVE-2022-41696 | Unspecified vulnerability in Visam Vbase Automation Base Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file. | 5.5 |
| 2023-03-21 | CVE-2022-43512 | XXE vulnerability in Visam Vbase Automation Base Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file. | 5.5 |
| 2023-03-21 | CVE-2022-45121 | Unspecified vulnerability in Visam Vbase Automation Base Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file. | 5.5 |
| 2023-03-21 | CVE-2022-45468 | Unspecified vulnerability in Visam Vbase Automation Base Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file. | 5.5 |
| 2023-03-21 | CVE-2022-46286 | Unspecified vulnerability in Visam Vbase Automation Base Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file. | 5.5 |
| 2023-03-21 | CVE-2022-46300 | XXE vulnerability in Visam Vbase Automation Base Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file. | 5.5 |
| 2020-04-03 | CVE-2020-7008 | Path Traversal vulnerability in Visam Vbase Editor and Vbase Web-Remote VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow input passed in the URL that is not properly verified before use, which may allow an attacker to read arbitrary files from local resources. | 5.0 |
| 2020-04-03 | CVE-2020-7004 | Incorrect Default Permissions vulnerability in Visam Vbase Editor and Vbase Web-Remote VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow weak or insecure permissions on the VBASE directory resulting in elevation of privileges or malicious effects on the system the next time a privileged user runs the application. | 7.2 |
| 2020-04-03 | CVE-2020-7000 | Insecure Storage of Sensitive Information vulnerability in Visam Vbase Editor and Vbase Web-Remote VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow an unauthenticated attacker to discover the cryptographic key from the web server and gain information about the login and the encryption/decryption mechanism, which may be exploited to bypass authentication of the HTML5 HMI web interface. | 5.0 |