Vulnerability CVE-2022-1704
Published: 2022-08-05

Description:
Due to an XML external entity reference, the software parses XML in the backup/restore functionality without XML security flags, which may lead to a XXE attack while restoring the backup.

Type:

CWE-611

 (Information Exposure Through XML External Entity Reference)

 References:
https://www.cisa.gov/uscert/ics/advisories/icsa-22-207-01
Copyright 2024, cxsecurity.com

 

Back to Top