Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Inductive Automation Ignition
Vulnerability Description
Due to an XML external entity reference, the software parses XML in the backup/restore functionality without XML security flags, which may lead to a XXE attack while restoring the backup.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
Inductive Automation Ignition 代码问题漏洞
Vulnerability Description
Inductive Automation Ignition是美国Inductive Automation公司的一套用于SCADA系统的集成软件平台。该平台支持SCADA(数据采集与监控系统)、HMI(人机界面)等。 Inductive Automation Ignition存在代码问题漏洞,该漏洞源于在没有XML安全标志的情况下解析备份或还原功能中的XML,可能会导致XML外部实体注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A