Verastream Host Integrator version 7.7 SP2 and earlier
A path traversal vulnerability has been identified in Verastream Host Integrator (VHI). The vulnerability allows remote unauthenticated attackers to read arbitrary files. This vulnerability affects VHI versions 7.7 SP2 and earlier.
An update, VHI 7.7 SP2 Update 1, that fixes this vulnerability is available to maintained customers through the download website, https://download.attachmate.com/upgrades
. Micro Focus recommends that customers upgrade as soon as possible.
CVE Reference and CVSS Version 3.0 and Version 2.0 Base Metrics:
V3 Base Score
V2 Base Score