Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause unauthorized read access to the file system when a malicious configuration file is loaded on to the software by a local user.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
Schneider Electric OPC Factory Server 代码问题漏洞
Vulnerability Description
Schneider Electric OPC Factory Server是法国施耐德电气(Schneider Electric)公司的一种软件应用程序。 Schneider Electric OPC Factory Server V3.63SP2之前版本存在代码问题漏洞,该漏洞源于存在对XML外部实体引用的不当限制漏洞,当本地用户将恶意配置文件加载到软件时,可能导致对文件系统进行未经授权的读取访问。
CVSS Information
N/A
Vulnerability Type
N/A