Schneider Electric U.motion Builder 1.2.1 information disclosure

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as problematic, was found in Schneider Electric U.motion Builder 1.2.1 (Automation Software). Affected is some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field09/26/2017 03:18 PM11/19/2019 06:00 PM01/14/2021 02:18 PM
typeAutomation SoftwareAutomation SoftwareAutomation Software
vendorSchneider ElectricSchneider ElectricSchneider Electric
nameU.motion BuilderU.motion BuilderU.motion Builder
version1.2.11.2.11.2.1
cwe200 (information disclosure)200 (information disclosure)200 (information disclosure)
risk111
cvss2_vuldb_basescore5.05.05.0
cvss2_vuldb_tempscore5.05.05.0
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_auNNN
cvss2_vuldb_ciPPP
cvss2_vuldb_iiNNN
cvss2_vuldb_aiNNN
cvss2_nvd_avNNN
cvss2_nvd_acLLL
cvss2_nvd_auNNN
cvss2_nvd_ciPPP
cvss2_nvd_iiNNN
cvss2_nvd_aiNNN
cvss3_meta_basescore5.35.35.3
cvss3_meta_tempscore5.35.35.3
cvss3_vuldb_basescore5.35.35.3
cvss3_vuldb_tempscore5.35.35.3
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iNNN
cvss3_vuldb_aNNN
cvss3_nvd_avNNN
cvss3_nvd_acLLL
cvss3_nvd_prNNN
cvss3_nvd_uiNNN
cvss3_nvd_sUUU
cvss3_nvd_cLLL
cvss3_nvd_iNNN
cvss3_nvd_aNNN
date1506384000 (09/26/2017)1506384000 (09/26/2017)1506384000 (09/26/2017)
urlhttp://www.schneider-electric.com/en/download/document/SEVD-2017-178-01/http://www.schneider-electric.com/en/download/document/SEVD-2017-178-01/http://www.schneider-electric.com/en/download/document/SEVD-2017-178-01/
viaZDI (Zero Day Initiative)ZDI (Zero Day Initiative)ZDI (Zero Day Initiative)
person_nicknamergodrgodrgod
price_0day$0-$5k$0-$5k$0-$5k
cveCVE-2017-9960CVE-2017-9960CVE-2017-9960
cve_assigned149843520014984352001498435200
cve_nvd_published150629760015062976001506297600
cve_nvd_summaryAn information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system response to error provides more information than should be available to an unauthenticated user.An information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system response to error provides more information than should be available to an unauthenticated user.An information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system response to error provides more information than should be available to an unauthenticated user.
securityfocus993449934499344
securityfocus_date1498780800 (06/30/2017)1498780800 (06/30/2017)1498780800 (06/30/2017)
securityfocus_classUnknownUnknownUnknown
securityfocus_titleSchneider Electric U.motion Builder Multiple Security VulnerabilitiesSchneider Electric U.motion Builder Multiple Security VulnerabilitiesSchneider Electric U.motion Builder Multiple Security Vulnerabilities
seealso107142 107143 107144 107145 107146 107147107142 107143 107144 107145 107146 107147107142 107143 107144 107145 107146 107147
locationWebsiteWebsiteWebsite
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss2_vuldb_rcNDNDND
cvss3_vuldb_eXXX
cvss3_vuldb_rlXXX
cvss3_vuldb_rcXXX
0day_days888888
cvss3_nvd_basescore5.35.35.3
discoverydate14986944001498694400
company_nameZero Day InitiativeZero Day Initiative
confirm_urlhttp://www.schneider-electric.com/en/download/document/SEVD-2017-178-01/http://www.schneider-electric.com/en/download/document/SEVD-2017-178-01/
person_namergod working with Trend Micro???s Zero Day Initiative.
cvss2_nvd_basescore5.0

Might our Artificial Intelligence support you?

Check our Alexa App!