{"containers": {"cna": {"affected": [{"product": "ProClima all versions prior to version 8.0.0", "vendor": "ProClima", "versions": [{"status": "affected", "version": "ProClima all versions prior to version 8.0.0"}]}], "datePublic": "2019-06-11T00:00:00", "descriptions": [{"lang": "en", "value": "A CWE-94: Code Injection vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system in all versions of ProClima prior to version 8.0.0."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-94", "description": "CWE-94: Code Injection", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-07-15T20:42:37", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-162-01/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cybersecurity@schneider-electric.com", "ID": "CVE-2019-6823", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ProClima all versions prior to version 8.0.0", "version": {"version_data": [{"version_value": "ProClima all versions prior to version 8.0.0"}]}}]}, "vendor_name": "ProClima"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A CWE-94: Code Injection vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system in all versions of ProClima prior to version 8.0.0."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-94: Code Injection"}]}]}, "references": {"reference_data": [{"name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-162-01/", "refsource": "MISC", "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-162-01/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T20:31:04.400Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-162-01/"}]}]}, "cveMetadata": {"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2019-6823", "datePublished": "2019-07-15T20:41:51", "dateReserved": "2019-01-25T00:00:00", "dateUpdated": "2024-08-04T20:31:04.400Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:schneider-electric:proclima:*:*:*:*:*:*:*:*", "matchCriteriaId": "1C7BB1CA-CCED-4EC9-81F4-16633561E4CF", "versionEndExcluding": "8.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A CWE-94: Code Injection vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system in all versions of ProClima prior to version 8.0.0."}, {"lang": "es", "value": "Una CWE-94: existe una vulnerabilidad de inyecci\u00f3n de c\u00f3digo en ProClima (todas las versiones anteriores a la versi\u00f3n 8.0.0) que podr\u00eda permitir que un atacante remoto no autenticado ejecute c\u00f3digo arbitrario en el sistema objetivo en todas las versiones de ProClima anteriores a la versi\u00f3n 8.0.0."}], "id": "CVE-2019-6823", "lastModified": "2024-11-21T04:47:13.460", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-15T21:15:10.663", "references": [{"source": "cybersecurity@se.com", "tags": ["Vendor Advisory"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-162-01/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-162-01/"}], "sourceIdentifier": "cybersecurity@se.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "cybersecurity@se.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}