{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T03:03:31.911","vulnerabilities":[{"cve":{"id":"CVE-2022-3217","sourceIdentifier":"vulnreport@tenable.com","published":"2022-09-16T22:15:12.247","lastModified":"2024-11-21T07:19:04.450","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"When logging in to a VBASE runtime project via Web-Remote, the product uses XOR with a static initial key to obfuscate login messages. An unauthenticated remote attacker with the ability to capture a login session can obtain the login credentials."},{"lang":"es","value":"Cuando es iniciada la sesión en un proyecto de tiempo de ejecución VBASE por medio de Web-Remote, el producto usa XOR con una clave inicial estática para ofuscar los mensajes de inicio de sesión. Un atacante remoto no autenticado con la capacidad de capturar una sesión de inicio de sesión puede obtener las credenciales de inicio de sesión"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:visam:vbase:11.7.0.2:*:*:*:*:*:*:*","matchCriteriaId":"7E08BCC8-EE4B-4DF3-A1A8-8CA5AB5B16AB"}]}]}],"references":[{"url":"https://www.tenable.com/security/research/tra-2022-31","source":"vulnreport@tenable.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.tenable.com/security/research/tra-2022-31","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}