How severe is CVE-2022-0221?

CVE-2022-0221 has a CVSS v3 score of 5.5 (MEDIUM).

CVE-2022-0221

Name: scadapack_workbench
Author: schneider-electric

5.5MEDIUM

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could result in information disclosure when opening a malicious solution file provided by an attacker with SC

发布于: 4/13/2022更新于: 11/21/2024

描述

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could result in information disclosure when opening a malicious solution file provided by an attacker with SCADAPack Workbench. This could be exploited to pass data from local files to a remote system controlled by an attacker. Affected Product: SCADAPack Workbench (6.6.8a and prior)

AI分析AI驱动

受影响产品

schneider-electricscadapack_workbench

参考资料

https://www.se.com/ww/en/download/document/SEVD-2022-087-01/
MitigationVendor Advisory
https://www.se.com/ww/en/download/document/SEVD-2022-087-01/
MitigationVendor Advisory