{"vulnerability": "CVE-2023-40310", "sightings": [{"uuid": "58bfd827-b40d-4847-b38f-02d94b91373b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40310", "type": "seen", "source": "https://t.me/cibsecurity/71880", "content": "\u203c CVE-2023-40310 \u203c\n\nSAP PowerDesigner\u00c2\u00a0Client\u00c2\u00a0- version 16.7, does not sufficiently validate BPMN2\u00c2\u00a0XML document imported from an untrusted source. As a result, URLs of\u00c2\u00a0external entities in BPMN2 file, although not used, would be accessed\u00c2\u00a0during import.\u00c2\u00a0A successful attack could impact availability of SAP PowerDesigner\u00c2\u00a0Client.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T07:29:55.000000Z"}]}