How severe is CVE-2022-0221?

CVE-2022-0221 has a CVSS v3 score of 5.5 (MEDIUM).

CVE-2022-0221

Name: scadapack_workbench
Author: schneider-electric

5.5MEDIUM

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could result in information disclosure when opening a malicious solution file provided by an attacker with SC

Published: 4/13/2022Updated: 11/21/2024

Description

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could result in information disclosure when opening a malicious solution file provided by an attacker with SCADAPack Workbench. This could be exploited to pass data from local files to a remote system controlled by an attacker. Affected Product: SCADAPack Workbench (6.6.8a and prior)

AI AnalysisPowered by AI

Affected Products

schneider-electricscadapack_workbench

References

https://www.se.com/ww/en/download/document/SEVD-2022-087-01/
MitigationVendor Advisory
https://www.se.com/ww/en/download/document/SEVD-2022-087-01/
MitigationVendor Advisory