Security Advisory

CVE-2013-0686

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-05-09 10:00:00

Last updated 2024-09-16 18:48:52

Assigner icscert

State PUBLISHED

Description

Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

← Browse all CVEs View on cve.org ↗