Design/Logic Flaw

2018-07-0314:29:00

PRIOn knowledge base

www.prio-n.com

5.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.4%

JSON

The vulnerability exists within error.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. System information is returned to the attacker that contains sensitive data.

CPENameOperatorVersion
u.motion_builderlt1.3.4

CPE	Name	Operator	Version
	u.motion_builder	lt	1.3.4

References

www.schneider-electric.com/en/download/document/SEVD-2018-095-01/