CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:N/A:P
AI Score
Confidence
Low
EPSS
Percentile
27.8%
XML external entity (XXE) vulnerability in the WebHMI server in Yokogawa Electric Corporation FAST/TOOLS before R9.05-SP2 allows local users to cause a denial of service (CPU or network traffic consumption) or read arbitrary files via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
yokogawa | fast\/tools | r9.01 | cpe:2.3:a:yokogawa:fast\/tools:r9.01:*:*:*:*:*:*:* |
yokogawa | fast\/tools | r9.02 | cpe:2.3:a:yokogawa:fast\/tools:r9.02:*:*:*:*:*:*:* |
yokogawa | fast\/tools | r9.03 | cpe:2.3:a:yokogawa:fast\/tools:r9.03:*:*:*:*:*:*:* |
yokogawa | fast\/tools | r9.04 | cpe:2.3:a:yokogawa:fast\/tools:r9.04:*:*:*:*:*:*:* |
yokogawa | fast\/tools | r9.05 | cpe:2.3:a:yokogawa:fast\/tools:r9.05:*:*:*:*:*:*:* |