Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSiemensCVELIST:CVE-2020-26981
HistoryJan 12, 2021 - 8:18 p.m.

CVE-2020-26981

2021-01-1220:18:33
CWE-611
siemens
www.cve.org

6.9 Medium

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

88.0%

JSON

A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). When opening a specially crafted xml file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external dtd. (ZDI-CAN-11890)

CNA Affected

[
  {
    "product": "JT2Go",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V13.1.0"
      }
    ]
  },
  {
    "product": "Teamcenter Visualization",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V13.1.0"
      }
    ]
  }
]

Related

cve 1
zdi 1
prion 1
nvd 1
nessus 1
ics 1
cve
cve
CVE-2020-26981
2021-01-12 21:15:16
zdi
zdi
Siemens JT2Go PLMXML File Parsing XML External Entity Processing Information Disclosure Vulnerability
2021-01-14 00:00:00
prion
prion
Code injection
2021-01-12 21:15:00
nvd
nvd
CVE-2020-26981
2021-01-12 21:15:16
nessus
nessus
Siemens JT2Go < 13.1.0 Multiple Vulnerabilities (SSA-622830)
2021-01-29 00:00:00
ics
ics
Siemens JT2Go and Teamcenter Visualization (Update B)
2021-05-27 12:00:00

6.9 Medium

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

88.0%

JSON
Related for CVELIST:CVE-2020-26981
cve1zdi1prion1nvd1nessus1ics1