CVE-2023-39472

Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Inductive Automation Ignition. Authentication is required to exploit this...

CVE-2023-39472

Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Inductive Automation Ignition. Authentication is required to exploit this...

CVE-2023-39472

CVE-2023-39472 — Inductive Automation Ignition is affected through the SimpleXMLReader’s XML External Entity (XXE) handling, where a crafted XML can trigger the parser to fetch a URI and embed its contents, enabling information disclosure in the SYSTEM context. Exploitation requires authenticatio...

CVE-2023-39472 Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability

Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Inductive Automation Ignition. Authentication is required to exploit this...

CVE-2023-39472 Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability

Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Inductive Automation Ignition. Authentication is required to exploit this...

Inductive Automation Ignition 安全漏洞

Inductive Automation Ignition is an integrated software platform for SCADA systems from Inductive Automation, USA. The platform supports SCADA Data Acquisition and Monitoring Systems, HMI Human Machine Interface and more. A security vulnerability exists in Inductive Automation Ignition that stems...

PT-2023-26961 · Inductive Automation · Inductive Automation Ignition

Name of the Vulnerable Software and Affected Versions: Inductive Automation Ignition affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of Inductive Automation Ignition. Authentication is required to exploit...

(0Day) Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability. The specific flaw exists within the SimpleXMLReader class. Due to the improper restriction of XML...