CVE-2021-38417

Summary

VISAM VBASE version 11.6.0.6 is vulnerable to improper access control via the web-remote endpoint, which may allow an unauthenticated user viewing access to folders and files in the directory listing.

Affected Software

VendorProductVersion RangeStatus
VISAMVBASE Pro-RT/ Server-RT (Web Remote)version 11.6.0.6affected

Weaknesses

  • CVE-284 Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References