3 matches found
CVE-2018-15362
XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0...
CVE-2018-15362
An XXE (XML External Entity) vulnerability (CWE-611) affects GE Proficy Cimplicity GDS in versions 9.0 R2, 9.5, 10.0. The root cause is improper restriction of XML external entities, enabling an attacker to initiate an OPC UA session and retrieve an arbitrary file. CVSSv3 base score 9.1 (CRITICAL...
CVE-2018-15362
XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0...