{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T00:15:02.423","vulnerabilities":[{"cve":{"id":"CVE-2017-9957","sourceIdentifier":"cybersecurity@se.com","published":"2017-09-26T01:29:03.867","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the web service contains a hidden system account with a hardcoded password. An attacker can use this information to log into the system with high-privilege credentials."},{"lang":"es","value":"Existe una vulnerabilidad en las versiones 1.2.1 y anteriores del software de U.motion Builder de Schneider Electric en la que el servicio web contiene una cuenta de sistema oculta con una contraseña embebida. Un atacante podría utilizar esta información para conectarse al sistema con unas credenciales con privilegios elevados."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:u.motion_builder:*:*:*:*:*:*:*:*","versionEndIncluding":"1.2.1","matchCriteriaId":"849D3761-51AA-4820-B995-BBB065B8086B"}]}]}],"references":[{"url":"http://www.schneider-electric.com/en/download/document/SEVD-2017-178-01/","source":"cybersecurity@se.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/99344","source":"cybersecurity@se.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.schneider-electric.com/en/download/document/SEVD-2017-178-01/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/99344","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}