Vulnerabilities > CVE-2018-15362 - XXE vulnerability in GE Cimplicity 10.0/9.0R2/9.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
HIGH Summary
XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Common Weakness Enumeration (CWE)
References
- http://www.securityfocus.com/bid/106133
- http://www.securityfocus.com/bid/106133
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/07/klcert-18-025-general-electric-proficy-gds-xml-external-entity-xxe/
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/07/klcert-18-025-general-electric-proficy-gds-xml-external-entity-xxe/
- https://ics-cert.us-cert.gov/advisories/ICSA-18-340-01
- https://ics-cert.us-cert.gov/advisories/ICSA-18-340-01