Description
XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0
References (3)
Core 3
Core References
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-340-01
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106133
Mitigation, Third Party Advisory x_refsource_misc
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/07/klcert-18-025-general-electric-proficy-gds-xml-external-entity-xxe/
Scores
CVSS v3
9.1
EPSS
0.0269
EPSS Percentile
83.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Details
CWE
CWE-611
Status
published
Products (3)
ge/cimplicity
9.0_r2
ge/cimplicity
9.5
ge/cimplicity
10.0
Published
Dec 07, 2018
Tracked Since
Feb 18, 2026