CVE-2020-7008
HIGHVISAM VBASE Editor 11.5.0.2 and VBASE Web-Remote Module - Path Traversal via URL Input
Title source: llmDescription
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow input passed in the URL that is not properly verified before use, which may allow an attacker to read arbitrary files from local resources.
References (1)
Core 1
Core References
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://www.us-cert.gov/ics/advisories/icsa-20-084-01
Scores
CVSS v3
7.5
EPSS
0.0186
EPSS Percentile
76.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-22
CWE-23
Status
published
Products (2)
visam/vbase_editor
11.5.0.2
visam/vbase_web-remote
Published
Apr 03, 2020
Tracked Since
Feb 18, 2026