CVE-2020-12025 Vulnerability Details

  /     /     /  

CVE-2020-12025 Metadata Quick Info

CVE Published: 14/07/2020 | CVE Updated: 04/08/2024 | CVE Year: 2020
Source: icscert | Vendor: n/a | Product: Rockwell Automation Logix Designer Studio 5000 Versions 32.00, 32.01, and 32.02
Status : PUBLISHED

CVE-2020-12025 Description

Rockwell Automation Logix Designer Studio 5000 Versions 32.00, 32.01, and 32.02 vulnerable to an xml external entity (XXE) vulnerability, which may allow an attacker to view hostnames or other resources from the program.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-611
CWE Name: IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2020-12025 Vulnerability Details