CVE-2020-7000
N/A
N/A
Summary
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow an unauthenticated attacker to discover the cryptographic key from the web server and gain information about the login and the encryption/decryption mechanism, which may be exploited to bypass authentication of the HTML5 HMI web interface.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| VISAM | VBASE Editor | 11.5.0.2 | affected |
| VISAM | VBASE Web-Remote Module | all | affected |
Weaknesses
- CWE-922: INSECURE STORAGE OF SENSITIVE INFORMATION CWE-922
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.