How severe is CVE-2022-0221?

CVE-2022-0221 has a CVSS v3 score of 5.5 (MEDIUM).

CVE-2022-0221

Name: scadapack_workbench
Author: schneider-electric

5.5MEDIUM

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could result in information disclosure when opening a malicious solution file provided by an attacker with SC

公開日: 4/13/2022更新日: 11/21/2024

説明

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could result in information disclosure when opening a malicious solution file provided by an attacker with SCADAPack Workbench. This could be exploited to pass data from local files to a remote system controlled by an attacker. Affected Product: SCADAPack Workbench (6.6.8a and prior)

AI分析AIによる分析

影響を受ける製品

schneider-electricscadapack_workbench

参照

https://www.se.com/ww/en/download/document/SEVD-2022-087-01/
MitigationVendor Advisory
https://www.se.com/ww/en/download/document/SEVD-2022-087-01/
MitigationVendor Advisory