CVE-2023-29498

medium

Description

Improper restriction of XML external entity reference (XXE) vulnerability exists in FRENIC RHC Loader v1.1.0.3 and earlier. If a user opens a specially crafted project file, sensitive information on the system where the affected product is installed may be disclosed.

References

https://jvn.jp/en/vu/JVNVU97809354/

https://felib.fujielectric.co.jp/download/details.htm?dataid=45829407&site=global&lang=en

Details

Source: Mitre, NVD

Published: 2023-06-13

Updated: 2023-06-22

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N