CVE-2021-42535

Summary

VISAM VBASE version 11.6.0.6 does not neutralize or incorrectly neutralizes user-controllable input before the data is placed in output used as a public-facing webpage.

Affected Software

VendorProductVersion RangeStatus
VISAMVBASE Pro-RT/ Server-RT (Web Remote)version 11.6.0.6affected

Weaknesses

  • CVE-79

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References