{ "CVE_data_meta" : { "ASSIGNER" : "security_alert@emc.com", "DATE_PUBLIC" : "2018-03-20T00:00:00", "ID" : "CVE-2018-1207", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "iDRAC7/iDRAC8", "version" : { "version_data" : [ { "version_value" : "versions prior to 2.52.52.52" } ] } } ] }, "vendor_name" : "Dell EMC" } ] } }, "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI injection vulnerability which could be used to execute remote code. A remote unauthenticated attacker may potentially be able to use CGI variables to execute remote code." } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "CGI injection vulnerability" } ] } ] }, "references" : { "reference_data" : [ { "name" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20485410", "refsource" : "MISC", "url" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20485410" }, { "name" : "https://twitter.com/nicowaisman/status/977279766792466432", "refsource" : "MISC", "url" : "https://twitter.com/nicowaisman/status/977279766792466432" }, { "name" : "103694", "refsource" : "BID", "url" : "http://www.securityfocus.com/bid/103694" } ] } }