Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Schneider-electricU.motion Builder

2 matches found

CVE
CVEadded 2017/09/26 1:29 a.m.45 views

CVE-2017-9958

An improper access control vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an improper handling of the system configuration can allow an attacker to execute arbitrary code under the context of root.

7.8CVSS7.8AI score0.00055EPSS
CVE
CVEadded 2017/09/26 1:29 a.m.44 views

CVE-2017-9956

An authentication bypass vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system contains a hard-coded valid session. An attacker can use that session ID as part of the HTTP cookie of a web request, resulting in authentication bypass

7.5CVSS7.3AI score0.00486EPSS