Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could result in information disclosure when opening a malicious solution file provided by an attacker with SCADAPack Workbench. This could be exploited to pass data from local files to a remote system controlled by an attacker. Affected Product: SCADAPack Workbench (6.6.8a and prior)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
Schneider Electric SCADAPack 代码问题漏洞
Vulnerability Description
Schneider Electric SCADAPack是法国施耐德(Schneider Electric)公司的一款智能现场控制器,该控制器结合了远程终端控制(RTU)的监控通讯能力,可编程逻辑控制器(PLC)的处理和数据记录功能,为需要自动监控和自主控制的远程过程提供卓越的功能。 Schneider Electric SCADAPack Workbench存在代码问题漏洞,该漏洞源于当使用SCADAPack Workbench打开攻击者提供的恶意解决方案文件时导致信息泄露。攻击者利用该漏洞将数据从本地
CVSS Information
N/A
Vulnerability Type
N/A