Описание
A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). An XML external entity injection vulnerability in the underlying XML parser could cause the affected application to disclose arbitrary files to remote attackers by loading a specially crafted xml file.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до se2021mp7 (исключая)
Одновременно
cpe:2.3:o:siemens:solid_edge_se2021_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:solid_edge_se2021:-:*:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.00218
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-611
CWE-611
Связанные уязвимости
github
больше 3 лет назад
A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). An XML external entity injection vulnerability in the underlying XML parser could cause the affected application to disclose arbitrary files to remote attackers by loading a specially crafted xml file.
EPSS
Процентиль: 44%
0.00218
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-611
CWE-611