How severe is CVE-2022-0221?

CVE-2022-0221 has a CVSS v3 score of 5.5 (MEDIUM).

CVE-2022-0221

Name: scadapack_workbench
Author: schneider-electric

5.5MEDIUM

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could result in information disclosure when opening a malicious solution file provided by an attacker with SC

Veröffentlicht: 4/13/2022Aktualisiert: 11/21/2024

Beschreibung

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could result in information disclosure when opening a malicious solution file provided by an attacker with SCADAPack Workbench. This could be exploited to pass data from local files to a remote system controlled by an attacker. Affected Product: SCADAPack Workbench (6.6.8a and prior)

KI-AnalyseKI-gestützt

Betroffene Produkte

schneider-electricscadapack_workbench

Referenzen

https://www.se.com/ww/en/download/document/SEVD-2022-087-01/
MitigationVendor Advisory
https://www.se.com/ww/en/download/document/SEVD-2022-087-01/
MitigationVendor Advisory