PT-2018-12996 · Ge · Ge Proficy Cimplicity Gds

Published

2018-12-07

Updated

2019-02-06

CVE-2018-15362

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0

Description The issue concerns an XXE (XML External Entity) problem. No further details are provided about the nature of the issue, affected devices, or real-world incidents.

Recommendations For GE Proficy Cimplicity GDS version 9.0 R2, update to a version that includes a fix for this issue. For GE Proficy Cimplicity GDS version 9.5, update to a version that includes a fix for this issue. For GE Proficy Cimplicity GDS version 10.0, update to a version that includes a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XXE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-611

Related Identifiers

CVE-2018-15362

Affected Products

Ge Proficy Cimplicity Gds

PT-2018-12996 · Ge · Ge Proficy Cimplicity Gds

CVE-2018-15362

Weakness Enumeration

Related Identifiers

Affected Products

References · 5