CVE-2012-1815

{"id": "CVE-2012-1815", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-06-08T18:55:01.567", "references": [{"url": "http://osvdb.org/82011", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/49210", "source": "cret@cert.org"}, {"url": "http://www.securityfocus.com/bid/53591", "source": "cret@cert.org"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-138-01.pdf", "tags": ["US Government Resource"], "source": "cret@cert.org"}, {"url": "http://osvdb.org/82011", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/49210", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/53591", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-138-01.pdf", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en Emerson DeltaV y DeltaV Workstations v9.3.1, v10.3.1, v11.3, y v11.3.1 y DeltaV ProEssentials Scientific Graph v5.0.0.6, permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s de vectores no especificadas."}], "lastModified": "2024-11-21T01:37:50.100", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:emerson:deltav:9.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A47A4CF-7DC2-40BF-8665-261C17A4159B"}, {"criteria": "cpe:2.3:a:emerson:deltav:10.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E005DD9A-07FB-4DE2-810B-372E62A091B6"}, {"criteria": "cpe:2.3:a:emerson:deltav:11.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0123046-D89E-4FBB-9176-C04E0C65E9AB"}, {"criteria": "cpe:2.3:a:emerson:deltav:11.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "943B3480-56C4-4131-BE8F-62FE035D4619"}, {"criteria": "cpe:2.3:a:emerson:deltav_proessentials_scientific_graph:5.0.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75620876-5526-451E-8284-3CB1BF16642F"}, {"criteria": "cpe:2.3:a:emerson:deltav_workstation:9.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B41EAEE-53EC-4EF0-BB63-58772E4D6278"}, {"criteria": "cpe:2.3:a:emerson:deltav_workstation:10.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE35A6AE-616B-4254-83B6-50726498B765"}, {"criteria": "cpe:2.3:a:emerson:deltav_workstation:11.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5C9C34A-FE86-4B79-BC2F-14B7F6320A8D"}, {"criteria": "cpe:2.3:a:emerson:deltav_workstation:11.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A164A098-9568-476F-BE49-D847378A7BE9"}], "operator": "OR"}]}], "sourceIdentifier": "cret@cert.org"}