Schneider-Electric: >> U.motion Builder >> 1.2.1 Security Vulnerabilities
An improper access control vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an improper handling of the system configuration can allow an attacker to execute arbitrary code under the context of root.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-09-26
A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system accepts reboot in session from unauthenticated users, supporting a denial of service condition.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-09-26
An information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system response to error provides more information than should be available to an unauthenticated user.
CVSS Score
5.3
EPSS Score
0.002
Published
2017-09-26
Page 3