CVE-2014-7251

Yokogawa FAST/TOOLS < R9.05-SP2 - XML External Entity Injection

Title source: llm
STIX 2.1

Description

XML external entity (XXE) vulnerability in the WebHMI server in Yokogawa Electric Corporation FAST/TOOLS before R9.05-SP2 allows local users to cause a denial of service (CPU or network traffic consumption) or read arbitrary files via unspecified vectors.

References (4)

Core 4
Core References
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN54775800/index.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/99018
Third Party Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000141.html

Scores

EPSS 0.0032
EPSS Percentile 23.8%

Details

CWE
CWE-20
Status published
Products (5)
yokogawa/fast\/tools r9.01
yokogawa/fast\/tools r9.02
yokogawa/fast\/tools r9.03
yokogawa/fast\/tools r9.04
yokogawa/fast\/tools r9.05
Published Dec 06, 2014
Tracked Since Feb 18, 2026