CVE-2023-29498: XEE
First published: Tue Jun 13 2023(Updated: )
Improper restriction of XML external entity reference (XXE) vulnerability exists in FRENIC RHC Loader v1.1.0.3 and earlier. If a user opens a specially crafted project file, sensitive information on the system where the affected product is installed may be disclosed.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fujielectric Frenic Rhc Loader | <=1.1.0.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-29498.
What is the severity level of CVE-2023-29498?
The severity level of CVE-2023-29498 is medium (5.5).
What is the affected software of CVE-2023-29498?
The affected software of CVE-2023-29498 is Fujielectric Frenic Rhc Loader v1.1.0.3 and earlier.
How does the vulnerability CVE-2023-29498 occur?
The vulnerability occurs due to improper restriction of XML external entity reference (XXE).
How can CVE-2023-29498 be exploited?
CVE-2023-29498 can be exploited by a user opening a specially crafted project file.
- collector/nvd-index
- agent/tags
- agent/event
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/fujielectric
- canonical/fujielectric frenic rhc loader
- version/fujielectric frenic rhc loader/1.1.0.3