CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7968

An Incorrect Default Permissions issue was discovered in Schneider Electric Wonderware InduSoft Web Studio v8.0 Patch 3 and prior versions. Upon installation, Wonderware InduSoft Web Studio creates a new directory and two files, which are placed in the system's path and can be manipulated by non-administrators. This could allow an authenticated user to escalate his or her privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.4%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

Products affected by CVE-2017-7968

Schneider-Electric » Wonderware Indusoft Web Studio » Version: 6.1

cpe:2.3:a:schneider-electric:wonderware_indusoft_web_studio:6.1
Schneider-Electric » Wonderware Indusoft Web Studio » Version: 7.1

cpe:2.3:a:schneider-electric:wonderware_indusoft_web_studio:7.1
Schneider-Electric » Wonderware Indusoft Web Studio » Version: 8.0

cpe:2.3:a:schneider-electric:wonderware_indusoft_web_studio:8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7968

Products

Pricing

Contact Us