XML External Entity (XXE) Injection Vulnerability in Solid Edge SE2021 (All Versions < SE2021MP7)

XML External Entity (XXE) Injection Vulnerability in Solid Edge SE2021 (All Versions < SE2021MP7)

CVE-2021-37178 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). An XML external entity injection vulnerability in the underlying XML parser could cause the affected application to disclose arbitrary files to remote attackers by loading a specially crafted xml file.

Learn more about our External Network Penetration Testing.