CVE-2017-9960

medium

Description

An information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system response to error provides more information than should be available to an unauthenticated user.

References

http://www.securityfocus.com/bid/99344

http://www.schneider-electric.com/en/download/document/SEVD-2017-178-01/

Details

Source: Mitre, NVD

Published: 2017-09-26

Updated: 2025-04-20

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N