admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-11-04 15:00:43 +00:00
parent 80afe796ee
commit 74d91cdabb
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
2022/41xxx/CVE-2022-41671.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@se.com",
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2022-41671",
"STATE": "PUBLIC"
},
@ -48,7 +48,7 @@
"description_data": [
{
"lang": "eng",
"value": "A CWE-89: Improper Neutralization of Special Elements used in SQL Command (SQL Injection) vulnerability exists that allows adversaries with local user privileges to craft a\nmalicious SQL query and execute as part of project migration which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior)."
"value": "A CWE-89: Improper Neutralization of Special Elements used in SQL Command (\u2018SQL Injection\u2019) vulnerability exists that allows adversaries with local user privileges to craft a malicious SQL query and execute as part of project migration which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior)."
}
]
},
@ -86,8 +86,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.se.com/ww/en/download/document/SEVD-2022-284-01/"
"refsource": "MISC",
"url": "https://www.se.com/ww/en/download/document/SEVD-2022-284-01/",
"name": "https://www.se.com/ww/en/download/document/SEVD-2022-284-01/"
}
]
},