exploitDog

CVE-2023-29498

Опубликовано: 13 июн. 2023

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

Improper restriction of XML external entity reference (XXE) vulnerability exists in FRENIC RHC Loader v1.1.0.3 and earlier. If a user opens a specially crafted project file, sensitive information on the system where the affected product is installed may be disclosed.

Ссылки

https://felib.fujielectric.co.jp/download/details.htm?dataid=45829407&site=global&lang=en
Product
https://jvn.jp/en/vu/JVNVU97809354/
Third Party Advisory
https://felib.fujielectric.co.jp/download/details.htm?dataid=45829407&site=global&lang=en
Product
https://jvn.jp/en/vu/JVNVU97809354/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:fujielectric:frenic_rhc_loader:*:*:*:*:*:*:*:*

Версия до 1.1.0.3 (включая)

EPSS

Процентиль: 5%

0.00022

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-611

CWE-611

Связанные уязвимости

GHSA-fr4x-v988-5548

CVSS3: 5.5

github

больше 2 лет назад

Improper restriction of XML external entity reference (XXE) vulnerability exists in FRENIC RHC Loader v1.1.0.3 and earlier. If a user opens a specially crafted project file, sensitive information on the system where the affected product is installed may be disclosed.

EPSS

Процентиль: 5%

0.00022

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-611

CWE-611