cvedb.io
CVE-2015-6463
UNKNOWN · CVSS n/a
EPSS exploitation probability: 0%
Published 2015-09-28T02:59:14.027 · Last modified 2026-06-17T00:30:54.720

Summary

CodeWrights HART Comm DTM components, as used with Endress+Hauser FieldCare, allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a longtag XML schema containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Affected products

codewrights — hart_comm_dtm

Does this affect you?

Add your gear to cvedb and we'll alert you only when codewrights ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.