CVE-2026-8045 | THREATINT

Description

CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side file contents when an attacker with a Data Center Expert user account submits crafted XML payloads to SOAP service endpoints.

PUBLISHED Reserved 2026-05-06 | Published 2026-06-09 | Updated 2026-06-09 | Assigner schneider

HIGH: 7.1CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-611 Improper restriction of XML external entity reference

Product status

Default status

unaffected

v9.1.1 and Prior

affected

References

download.schneider-electric.com/...Name=SEVD-2026-160-01.pdf

cve.org (CVE-2026-8045)

nvd.nist.gov (CVE-2026-8045)

Download JSON