exploitDog

GHSA-2j3m-gwxg-45rx

Опубликовано: 30 янв. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

Improper restriction of XML external entity reference (XXE) vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed.

Improper restriction of XML external entity reference (XXE) vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed.

Ссылки

EPSS

Процентиль: 23%

0.00076

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-611

Связанные уязвимости

CVE-2023-22322

CVSS3: 5.5

nvd

около 3 лет назад

Improper restriction of XML external entity reference (XXE) vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed.

BDU:2024-10609

CVSS3: 5.5

fstec

около 3 лет назад

Уязвимость программы управления контроллером движения OMRON CX-Motion Pro, связанная с некорректным ограничением ссылок на внешние сущности XML (XXE), позволяющая нарушителю получить доступ к защищаемой информации

EPSS

Процентиль: 23%

0.00076

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-611