CVE-2021-38417

High

7.4/10

Summary

VISAM VBASE version 11.6.0.6 is vulnerable to improper access control via the web-remote endpoint, which may allow an unauthenticated user viewing access to folders and files in the directory listing.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: CHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

References

Advisory Timeline

Published Jul 27, 2022

CVE-2021-38417

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS