- Description
- A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause loss of confidentiality when replacing a project file on the local filesystem and after manual restart of the server.
- Source
- cybersecurity@se.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- cybersecurity@se.com
- CWE-611
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:se:ecostruxure_opc_ua_server_expert:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "89F38F9E-3BD3-4964-A940-89A54C2445BC",
"versionEndExcluding": "2.01"
},
{
"criteria": "cpe:2.3:a:se:ecostruxure_opc_ua_server_expert:2.01:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57255D20-34C7-45D8-9139-B61444E7AAD4"
}
],
"operator": "OR"
}
]
}
]