CVE-2021-40356
N/A
N/A
Summary
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.8), Teamcenter V13.0 (All versions < V13.0.0.7), Teamcenter V13.1 (All versions < V13.1.0.5), Teamcenter V13.2 (All versions < 13.2.0.2). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | Teamcenter V12.4 | All versions < V12.4.0.8 | affected |
| Siemens | Teamcenter V13.0 | All versions < V13.0.0.7 | affected |
| Siemens | Teamcenter V13.1 | All versions < V13.1.0.5 | affected |
| Siemens | Teamcenter V13.2 | All versions < 13.2.0.2 | affected |
Weaknesses
- CWE-611: CWE-611: Improper Restriction of XML External Entity Reference
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.