CVE-2017-7974

2017-06-2800:00:00

schneider

www.cve.org

9.5 High

AI Score

Confidence

High

0.05 Low

EPSS

Percentile

92.9%

JSON

A path traversal information disclosure vulnerability exists in Schneider Electric’s U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can execute arbitrary code and exfiltrate files.

CNA Affected

[
  {
    "product": "U.Motion",
    "vendor": "Schneider Electric SE",
    "versions": [
      {
        "status": "affected",
        "version": "U.motion Builder Versions 1.2.1 and prior."
      }
    ]
  }
]