Vulnerability Details CVE-2021-37178
A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). An XML external entity injection vulnerability in the underlying XML parser could cause the affected application to disclose arbitrary files to remote attackers by loading a specially crafted xml file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.5%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
Products affected by CVE-2021-37178
-
cpe:2.3:h:siemens:solid_edge_se2021:-
-
cpe:2.3:o:siemens:solid_edge_se2021_firmware:-