{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T00:33:09.949","vulnerabilities":[{"cve":{"id":"CVE-2020-15792","sourceIdentifier":"productcert@siemens.com","published":"2020-10-15T19:15:12.767","lastModified":"2024-11-21T05:06:11.397","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in Desigo Insight (All versions). The web service does not properly apply input validation for some query parameters in a reserved area. This could allow an authenticated attacker to retrieve data via a content-based blind SQL injection attack."},{"lang":"es","value":"Se ha identificado una vulnerabilidad en Desigo Insight (todas las versiones). El servicio web no aplica apropiadamente la comprobación de entrada para algunos parámetros de consulta en un área reservada. Esto podría permitir a un atacante autenticado recuperar datos por medio de un ataque de inyección SQL ciego basado en contenido"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:desigo_insight:*:*:*:*:*:*:*:*","versionEndExcluding":"6.0","matchCriteriaId":"27709FE3-EF7E-408D-9478-913FB2635E0C"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:desigo_insight:6.0:-:*:*:*:*:*:*","matchCriteriaId":"FA232A84-E145-4E19-A093-1D77372B4B7B"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:desigo_insight:6.0:sp2:*:*:*:*:*:*","matchCriteriaId":"45B6C775-F19C-4610-B7C0-337C61EB2700"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:desigo_insight:6.0:sp3:*:*:*:*:*:*","matchCriteriaId":"2D77488A-8820-4350-980E-A09CBFEC6F97"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:desigo_insight:6.0:sp5:*:*:*:*:*:*","matchCriteriaId":"D97D5112-D3BD-4EFA-90C3-CC00DEADFF78"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-226339.pdf","source":"productcert@siemens.com","tags":["Vendor Advisory"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-287-05","source":"productcert@siemens.com","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-226339.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-287-05","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}