Verastream Host Integrator, versions earlier than 7.8 Update 1 (7.8.49 or 126.96.36.199)
An information disclosure vulnerability has been identified in Verastream Host Integrator (VHI). The vulnerability allows unauthenticated attackers to view information they may not have been authorized to view. This vulnerability affects VHI versions earlier than 7.8 Update 1 (7.8.49 or 188.8.131.52).
An update, VHI 7.8 Update 1, fixes this vulnerability and is available to maintained customers from the downloads website, https://download.attachmate.com/upgrades
. Micro Focus recommends that customers upgrade as soon as possible. Customers that generated code using VHIâs Web Builder with the project type "HTML5 Web Application" should contact Support
for additional advice, and should regenerate that code after applying the update.
CVSS Version 3.1 and Version 2.0 Base Metrics: