Vulnerability Description
An information disclosure vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices could allow a remote attacker to obtain sensitive device information if network access was obtained.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | 66074 Mge Network Management Card Transverse | - |
| Schneider-Electric | Mge Comet Ups | - |
| Schneider-Electric | Mge Eps 6000 | - |
| Schneider-Electric | Mge Eps 7000 | - |
| Schneider-Electric | Mge Eps 8000 | - |
| Schneider-Electric | Mge Galaxy 3000 | - |
| Schneider-Electric | Mge Galaxy 4000 | - |
| Schneider-Electric | Mge Galaxy 5000 | - |
| Schneider-Electric | Mge Galaxy 6000 | - |
| Schneider-Electric | Mge Galaxy 9000 | - |
| Schneider-Electric | Mge Galaxy Pw | - |
Related Weaknesses (CWE)
References
- https://www.schneider-electric.com/en/download/document/SEVD-2018-074-01/Vendor Advisory
- https://www.schneider-electric.com/en/download/document/SEVD-2018-074-01/Vendor Advisory
FAQ
What is CVE-2018-7244?
CVE-2018-7244 is a vulnerability with a CVSS score of 5.3 (MEDIUM). An information disclosure vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the...
How severe is CVE-2018-7244?
CVE-2018-7244 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-7244?
Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric 66074 Mge Network Management Card Transverse, Schneider-Electric Mge Comet Ups, Schneider-Electric Mge Eps 6000, Schneider-Electric Mge Eps 7000, Schneider-Electric Mge Eps 8000.