Schneider Electric U.motion Builder css.inc.php Arbitrary File Inclusion
TSL ID TSL20170612-07
CVE ID(s) CVE-2017-7974
Severity Moderate
Description

An arbitrary file inclusion vulnerability has been reported in Schneider Electric U.motion Builder. This vulnerability is caused by improper sanitization of directory traversal characters (..) by css.inc.php.

A remote, unauthenticated attacker could exploit this vulnerability by sending a malicious request to the server. Successful exploitation results in information disclosure.

The vendor has released the following advisory regarding this vulnerability:

http://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Id=7596295036&p_File_Name=SEVD-2017-178-01+U.motion+Builder+Software.pdf&p_Reference=SEVD-2017-178-01
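
For detection, the following added example (not part of the vendor's or this advisory's material) scans web server access log lines for requests to css.inc.php whose query string contains a ".." path segment, including percent-encoded and double-encoded forms. The log lines are constructed, and the directory "app" and the parameter name "f" are placeholders, since the advisory names neither.

```python
import re
from urllib.parse import unquote

# Script named in the advisory; its directory and parameters are not given there.
TARGET_SCRIPT = "css.inc.php"

# Request part of a Common Log Format entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded dots (%252e) are exposed."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def has_traversal(query):
    """True if any path segment of the decoded query is exactly '..'."""
    decoded = fully_decode(query).replace("\\", "/")
    # Split on characters that delimit path segments or query parameters.
    return ".." in re.split(r"[/&=;]", decoded)

def flag_requests(log_lines):
    """Return (line_number, target) for requests to TARGET_SCRIPT carrying '..'."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        path, _, query = match.group("target").partition("?")
        script = fully_decode(path).rsplit("/", 1)[-1].lower()
        if script == TARGET_SCRIPT and has_traversal(query):
            hits.append((number, match.group("target")))
    return hits

# Constructed sample lines; "app" and the parameter "f" are placeholders.
SAMPLE_LOG = [
    '198.51.100.7 - - [12/Jun/2017:10:00:01 +0000] "GET /app/css.inc.php?f=style.css HTTP/1.1" 200 512',
    '198.51.100.9 - - [12/Jun/2017:10:00:05 +0000] "GET /app/css.inc.php?f=../../placeholder.txt HTTP/1.1" 200 90',
    '198.51.100.9 - - [12/Jun/2017:10:00:06 +0000] "GET /app/css.inc.php?f=%252e%252e%252fplaceholder.txt HTTP/1.1" 200 90',
    '198.51.100.3 - - [12/Jun/2017:10:00:09 +0000] "GET /app/index.php?page=../x HTTP/1.1" 404 0',
    '198.51.100.3 - - [12/Jun/2017:10:00:12 +0000] "GET /app/css.inc.php?f=v1..2.css HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for number, target in flag_requests(SAMPLE_LOG):
        print(f"line {number}: {target}")
```

Matching on whole ".." segments rather than any two dots keeps a file name such as v1..2.css from raising an alert, and the repeated decoding catches requests that hide the dots behind one or two layers of percent-encoding.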

Affected Products
  • Schneider Electric U.motion Builder 1.2.1 and prior
CVSS Score Base 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N):
  • Access vector is NETWORK
  • Access complexity is LOW
  • Level of authentication required is NONE
  • Impact of this vulnerability on data confidentiality is PARTIAL
  • Impact of this vulnerability on data integrity is NONE
  • Impact of this vulnerability on data availability is NONE
Temporal 3.7 (E:U/RL:OF/RC:C):
  • The exploitability level of this vulnerability is UNPROVEN
  • The remediation level of this vulnerability is OFFICIAL FIX
  • The report confidence level of this vulnerability is CONFIRMED
Identifiers
ZDI
References http://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Id=7596295036&p_File_Name=SEVD-2017-178-01+U.motion+Builder+Software.pdf&p_Reference=SEVD-2017-178-01