CVE

Id
62743  
CVE No.
CVE-2013-2796  
Status
Candidate  
Description
Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.  
Phase
Assigned (20130411)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
626165 62743 CVE-2013-2796 MISC:http://ics-cert.us-cert.gov/advisories/ICSA-13-217-02  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
22276 JVNDB-2013-003851 OSIsoft PI Interface for IEEE におけるサービス運用妨害 (DoS) の脆弱性 OSIsoft PI Interface for IEEE には、サービス運用妨害 (インスタンスのシャットダウンおよびデータ収集停止) 状態にされる脆弱性が存在します。 CVE-2013-2801 62743 5 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-003851.html  View