CVE-2020-7004
HIGHVISAM VBASE Editor 11.5.0.2 and VBASE Web-Remote Module - Insecure Directory Permissions
Title source: llmDescription
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow weak or insecure permissions on the VBASE directory resulting in elevation of privileges or malicious effects on the system the next time a privileged user runs the application.
References (1)
Core 1
Core References
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://www.us-cert.gov/ics/advisories/icsa-20-084-01
Scores
CVSS v3
8.8
EPSS
0.0036
EPSS Percentile
27.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-276
Status
published
Products (2)
visam/vbase_editor
11.5.0.2
visam/vbase_web-remote
Published
Apr 03, 2020
Tracked Since
Feb 18, 2026