cvelist/2017/7xxx/CVE-2017-7973.json

{
    "CVE_data_meta": {
        "ASSIGNER": "cybersecurity@schneider-electric.com",
        "DATE_PUBLIC": "2017-06-28T00:00:00",
        "ID": "CVE-2017-7973",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "U.Motion",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "U.motion Builder Versions 1.2.1 and prior."
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Schneider Electric SE"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "A SQL injection vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can use calls to various paths allowing performance of arbitrary SQL commands against the underlying database."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "SQL Injection"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "http://www.schneider-electric.com/en/download/document/SEVD-2017-178-01/",
                "refsource": "CONFIRM",
                "url": "http://www.schneider-electric.com/en/download/document/SEVD-2017-178-01/"
            },
            {
                "name": "99344",
                "refsource": "BID",
                "url": "http://www.securityfocus.com/bid/99344"
            }
        ]
    }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
"-Synchronized-Data." 2019-03-18 05:08:51 +00:00			`"CVE_data_meta": {`
			`"ASSIGNER": "cybersecurity@schneider-electric.com",`
			`"DATE_PUBLIC": "2017-06-28T00:00:00",`
			`"ID": "CVE-2017-7973",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "U.Motion",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "U.motion Builder Versions 1.2.1 and prior."`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "Schneider Electric SE"`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
"-Synchronized-Data." 2019-03-18 05:08:51 +00:00			`"lang": "eng",`
			`"value": "A SQL injection vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can use calls to various paths allowing performance of arbitrary SQL commands against the underlying database."`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
"-Synchronized-Data." 2019-03-18 05:08:51 +00:00			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "SQL Injection"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "http://www.schneider-electric.com/en/download/document/SEVD-2017-178-01/",`
			`"refsource": "CONFIRM",`
			`"url": "http://www.schneider-electric.com/en/download/document/SEVD-2017-178-01/"`
			`},`
			`{`
			`"name": "99344",`
			`"refsource": "BID",`
			`"url": "http://www.securityfocus.com/bid/99344"`
			`}`
			`]`
			`}`
			`}`