CVE-2013-3626
critical
CVSS v3
—
VIR risk
9.3
Description
Directory traversal vulnerability in the Session Server in Attachmate Verastream Host Integrator (VHI) 6.0 through 7.5 SP 1 HF 1 allows remote attackers to upload and execute arbitrary files via a crafted message.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| attachmate | verastream_host_integrator | 6.0 | |
| attachmate | verastream_host_integrator | 6.5 | |
| attachmate | verastream_host_integrator | 6.6 | |
| attachmate | verastream_host_integrator | 7.0 | |
| attachmate | verastream_host_integrator | 7.1 | |
| attachmate | verastream_host_integrator | 7.5 | |
References
CWEs
CWE-22
💬 Discuss CVE-2013-3626 on VIR Community →
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.