CVE-2023-29498

Summary

Improper restriction of XML external entity reference (XXE) vulnerability exists in FRENIC RHC Loader v1.1.0.3 and earlier. If a user opens a specially crafted project file, sensitive information on the system where the affected product is installed may be disclosed.

Affected Software

VendorProductVersion RangeStatus
FUJI ELECTRIC CO., LTD.FRENIC RHC Loaderv1.1.0.3 and earlieraffected

Weaknesses

  • Improper restriction of XML external entity reference (XXE)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References