Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
GE Gas Power ToolBoxST Improper Restriction of XML External Entity Reference
Vulnerability Description
GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity (XXE) vulnerability using the DTD parameter entities technique that could result in disclosure and retrieval of arbitrary data on the affected node via an out-of-band (OOB) attack. The vulnerability is triggered when input passed to the XML parser is not sanitized while parsing the XML project/template file.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
GE Gas Power ToolBoxST 代码问题漏洞
Vulnerability Description
GE Gas Power ToolBoxST是美国通用电气(GE)公司的一个控制系统工具箱,用于过程、SIL、励磁和功率转换。 GE Gas Power ToolBoxST v04.07.05C版本存在代码问题漏洞,攻击者可利用该漏洞通过带外(OOB)攻击泄露和检索受影响节点上的任意数据。
CVSS Information
N/A
Vulnerability Type
N/A