CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-37200

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause loss of confidentiality when replacing a project file on the local filesystem and after manual restart of the server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 10.7%

CVSS Severity

CVSS v3 Score 5.5

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-192-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-192-02.pdf
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-192-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-192-02.pdf

Products affected by CVE-2023-37200

Se » Ecostruxure Opc Ua Server Expert » Version: N/A

cpe:2.3:a:se:ecostruxure_opc_ua_server_expert:-
Se » Ecostruxure Opc Ua Server Expert » Version: 2.00

cpe:2.3:a:se:ecostruxure_opc_ua_server_expert:2.00
Se » Ecostruxure Opc Ua Server Expert » Version: 2.01

cpe:2.3:a:se:ecostruxure_opc_ua_server_expert:2.01

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-37200

Products

Pricing

Contact Us