Описание
Improper restriction of XML external entity reference (XXE) vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
EPSS
5.5 Medium
CVSS3
Дефекты
Связанные уязвимости
Improper restriction of XML external entity reference (XXE) vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed.
Уязвимость программы управления контроллером движения OMRON CX-Motion Pro, связанная с некорректным ограничением ссылок на внешние сущности XML (XXE), позволяющая нарушителю получить доступ к защищаемой информации
EPSS
5.5 Medium
CVSS3