Unrated severityNVD Advisory· Published Dec 24, 2018· Updated Aug 5, 2024
CVE-2018-7837
CVE-2018-7837
Description
An Improper Restriction of XML External Entity Reference ('XXE') vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow the software to resolve documents outside of the intended sphere of control, causing the software to embed incorrect documents into its output and expose restricted information.
Affected products
2=3.1.38+ 1 more
- (no CPE)range: =3.1.38
- (no CPE)range: IIoT Monitor 3.1.38
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/106484mitrevdb-entryx_refsource_BID
- www.schneider-electric.com/en/download/document/SEVD-2018-354-03/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.