Unrated severityNVD Advisory· Published Nov 6, 2013· Updated Apr 29, 2026

CVE-2013-3626

Description

Directory traversal vulnerability in the Session Server in Attachmate Verastream Host Integrator (VHI) 6.0 through 7.5 SP 1 HF 1 allows remote attackers to upload and execute arbitrary files via a crafted message.

Affected products

Attachmate/Verastream Host Integrator7 versions
cpe:2.3:a:attachmate:verastream_host_integrator:6.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:attachmate:verastream_host_integrator:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:attachmate:verastream_host_integrator:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:attachmate:verastream_host_integrator:6.6:*:*:*:*:*:*:*
- cpe:2.3:a:attachmate:verastream_host_integrator:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:attachmate:verastream_host_integrator:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:attachmate:verastream_host_integrator:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:attachmate:verastream_host_integrator:7.5:sp1:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.attachmate.com/techdocs/2700.htmlnvdVendor Advisory
www.kb.cert.org/vuls/id/436214nvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000