CVE-2022-34467

EPSS 0.7%CWE-776

A vulnerability has been identified in Mendix Excel Importer Module (Mendix 8 compatible) (All versions < V9.2.2), Mendix Excel Importer Module (Mendix 9 compatible) (All versions < V10.1.2). The affected component is vulnerable to XML Entity Expansion Injection. An attacker may use this to compromise the availability of the affected component.

Productos afectados

Siemens · Mendix Excel Importer Module (Mendix 8 compatible)Siemens · Mendix Excel Importer Module (Mendix 9 compatible)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://cert-portal.siemens.com/productcert/pdf/ssa-610768.pdf