CVE-2022-0221
5.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could result in information disclosure when opening a malicious solution file provided by an attacker with SCADAPack Workbench. This could be exploited to pass data from local files to a remote system controlled by an attacker. Affected Product: SCADAPack Workbench (6.6.8a and prior)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Schneider Electric | SCADAPack Workbench | 6.6.8a < and prior | affected |
Weaknesses
- CWE-611: CWE-611 Improper Restriction of XML External Entity Reference ('XXE')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.