CVE-2018-10613
Summary
| CVE | CVE-2018-10613 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-06-04 14:29:00 UTC |
| Updated | 2019-10-09 23:32:00 UTC |
| Description | Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior. |
Risk And Classification
Problem Types: CWE-611
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ge | Mds Pulsenet | All | All | All | All |
| Application | Ge | Mds Pulsenet | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| GE MDS PulseNET and MDS PulseNET Enterprise | ICS-CERT | MISC | ics-cert.us-cert.gov | Third Party Advisory, US Government Resource |
| Multiple GE MDS PulseNET Products Multiple Security vulnerabilities | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Grid Passport Login : GE Grid Solutions | CONFIRM | www.gegridsolutions.com | Permissions Required |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.