Improper restriction of XML external entity reference (XXE) vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed.
References
Link | Resource |
---|---|
https://jvn.jp/en/vu/JVNVU94200979/ | Third Party Advisory |
Configurations
History
06 Feb 2023, 19:55
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-611 | |
First Time |
Omron
Omron cx-motion Pro |
|
CPE | cpe:2.3:a:omron:cx-motion_pro:*:*:*:*:*:*:*:* | |
References | (MISC) https://jvn.jp/en/vu/JVNVU94200979/ - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
30 Jan 2023, 07:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-30 07:15
Updated : 2023-12-10 14:48
NVD link : CVE-2023-22322
Mitre link : CVE-2023-22322
CVE.ORG link : CVE-2023-22322
JSON object : View
Products Affected
omron
- cx-motion_pro
CWE
CWE-611
Improper Restriction of XML External Entity Reference