Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSchneiderCVELIST:CVE-2018-7837
HistoryDec 24, 2018 - 4:00 p.m.

CVE-2018-7837

2018-12-2416:00:00
schneider
www.cve.org

0.006 Low

EPSS

Percentile

79.2%

JSON

An Improper Restriction of XML External Entity Reference (‘XXE’) vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow the software to resolve documents outside of the intended sphere of control, causing the software to embed incorrect documents into its output and expose restricted information.

CNA Affected

[
  {
    "product": "IIoT Monitor 3.1.38",
    "vendor": "Schneider Electric SE",
    "versions": [
      {
        "status": "affected",
        "version": "IIoT Monitor 3.1.38"
      }
    ]
  }
]

Related

zdi 6
cve 1
prion 1
nvd 1
ics 1
zdi
zdi
Schneider Electric IIoT Monitor RuleMgmt addRule XML External Entity Processing Information Disclosure Vulnerability
2019-01-14 00:00:00
Schneider Electric IIoT Monitor EventMgmt addEvent XML External Entity Processing Information Disclosure Vulnerability
2019-01-14 00:00:00
Schneider Electric IIoT Monitor AccountMgmt Login XML External Entity Processing Information Disclosure Vulnerability
2019-01-14 00:00:00
cve
cve
CVE-2018-7837
2018-12-24 16:29:00
prion
prion
Xxe
2018-12-24 16:29:00
nvd
nvd
CVE-2018-7837
2018-12-24 16:29:00
ics
ics
Schneider Electric IIoT Monitor (Update A)
2019-01-15 12:00:00

0.006 Low

EPSS

Percentile

79.2%

JSON
Related for CVELIST:CVE-2018-7837
zdi6cve1prion1nvd1ics1