Vulnerability Description
The vulnerability exists within css.inc.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The 'css' parameter contains a directory traversal vulnerability.
CVSS Score
4.3
MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | U.Motion Builder | < 1.3.4 |
Related Weaknesses (CWE)
References
- https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/Vendor Advisory
- https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/Vendor Advisory
FAQ
What is CVE-2018-7763?
CVE-2018-7763 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The vulnerability exists within css.inc.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The 'css' parameter contains a directory traversal vulnerability.
How severe is CVE-2018-7763?
CVE-2018-7763 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-7763?
Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric U.Motion Builder.