PT-2023-14676 · Visam · Visam Vbase Automation Base

Kimiya · Published 2023-03-21 · Updated 2025-01-17 · CVE-2022-45468

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

VISAM VBASE Automation Base versions prior to 11.7.5

Description

The issue may disclose information if a valid user opens a specially crafted file. This occurs due to improper handling of XML External Entity (XXE) processing in the file parsing mechanism.

Recommendations

For versions prior to 11.7.5, update to version 11.7.5 or later to resolve the issue. As a temporary workaround, consider restricting access to specially crafted files until the update is applied. Avoid using the VBASE-Editor LayerSettings file parsing feature with untrusted files until the issue is resolved.

Fix

XXE

Weakness Enumeration

Related Identifiers

CVE-2022-45468
ZDI-23-1039

Affected Products

Visam Vbase Automation Base