Details of VAR-201807-1859

ID

VAR-201807-1859

CVE

CVE-2018-7786

TITLE

Schneider Electric U.motion Builder Cross-Site Scripting Vulnerability

Trust: 1.4

sources: IVD: e2f293d0-39ab-11e9-bcbd-000c29342cb1 // CNVD: CNVD-2018-11391 // CNNVD: CNNVD-201806-1168

DESCRIPTION

In Schneider Electric U.motion Builder software versions prior to v1.3.4, a cross site scripting (XSS) vulnerability exists which could allow injection of malicious scripts. U.motion Builder is a generator product from Schneider Electric, France. A stack-based buffer-overflow vulnerability 2. An OS command-injection vulnerability 3. An information-disclosure vulnerability Exploiting these issues could allow an attacker to bypass authentication mechanism, to execute arbitrary script code in the browser of an unsuspecting user, obtain sensitive information, execute arbitrary code and perform unauthorized actions. Failed exploits can result in a denial-of-service condition. Versions prior to U.motion Builder 1.3.4 are vulnerable

Trust: 2.61

sources: NVD: CVE-2018-7786 // JVNDB: JVNDB-2018-007238 // CNVD: CNVD-2018-11391 // BID: 104447 // IVD: e2f293d0-39ab-11e9-bcbd-000c29342cb1

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: e2f293d0-39ab-11e9-bcbd-000c29342cb1 // CNVD: CNVD-2018-11391

AFFECTED PRODUCTS

vendor:	schneider electric	model:	u.motion builder	scope:	lt	version:	1.3.4	Trust: 1.0
vendor:	schneider electric	model:	u.motion builder	scope:	eq	version:	1.2.1	Trust: 0.9
vendor:	schneider electric	model:	u.motion builder software	scope:	lt	version:	1.3.4	Trust: 0.8
vendor:	schneider	model:	electric u.motion builder	scope:	lt	version:	1.3.4	Trust: 0.6
vendor:	schneider electric	model:	u.motion builder	scope:	eq	version:	1.0.1	Trust: 0.3
vendor:	schneider electric	model:	u.motion builder	scope:	ne	version:	1.3.4	Trust: 0.3
vendor:	u motion builder	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: e2f293d0-39ab-11e9-bcbd-000c29342cb1 // CNVD: CNVD-2018-11391 // BID: 104447 // JVNDB: JVNDB-2018-007238 // CNNVD: CNNVD-201806-1168 // NVD: CVE-2018-7786

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-7786
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-7786
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2018-11391
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201806-1168
value:	MEDIUM
Trust: 0.6
IVD:	e2f293d0-39ab-11e9-bcbd-000c29342cb1
value:	MEDIUM
Trust: 0.2

nvd@nist.gov:	CVE-2018-7786
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-11391
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:C/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	COMPLETE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	7.8
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2f293d0-39ab-11e9-bcbd-000c29342cb1
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:C/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	COMPLETE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	7.8
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2018-7786
baseSeverity:	MEDIUM
baseScore:	6.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	2.7
version:	3.0
Trust: 1.8

sources: IVD: e2f293d0-39ab-11e9-bcbd-000c29342cb1 // CNVD: CNVD-2018-11391 // JVNDB: JVNDB-2018-007238 // CNNVD: CNNVD-201806-1168 // NVD: CVE-2018-7786

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.8

sources: JVNDB: JVNDB-2018-007238 // NVD: CVE-2018-7786

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-1168

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201806-1168

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-007238

PATCH

title:	SEVD-2018-151-01	url:	https://www.schneider-electric.com/en/download/document/SEVD-2018-151-01/	Trust: 0.8
title:	Patch for Schneider Electric U.motion Builder cross-site scripting vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/131853	Trust: 0.6
title:	Schneider Electric U.motion Builder Fixes for cross-site scripting vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81475	Trust: 0.6

sources: CNVD: CNVD-2018-11391 // JVNDB: JVNDB-2018-007238 // CNNVD: CNNVD-201806-1168

EXTERNAL IDS

db:	NVD	id:	CVE-2018-7786	Trust: 3.5
db:	ICS CERT	id:	ICSA-18-163-01	Trust: 2.3
db:	SCHNEIDER	id:	SEVD-2018-151-01	Trust: 1.9
db:	BID	id:	104447	Trust: 1.3
db:	CNVD	id:	CNVD-2018-11391	Trust: 0.8
db:	CNNVD	id:	CNNVD-201806-1168	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-007238	Trust: 0.8
db:	NSFOCUS	id:	40190	Trust: 0.6
db:	SCHNEIDER	id:	SEVD-2017-178-01	Trust: 0.3
db:	IVD	id:	E2F293D0-39AB-11E9-BCBD-000C29342CB1	Trust: 0.2

sources: IVD: e2f293d0-39ab-11e9-bcbd-000c29342cb1 // CNVD: CNVD-2018-11391 // BID: 104447 // JVNDB: JVNDB-2018-007238 // CNNVD: CNNVD-201806-1168 // NVD: CVE-2018-7786

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-18-163-01	Trust: 2.3
url:	https://www.schneider-electric.com/en/download/document/sevd-2018-151-01/	Trust: 1.9
url:	http://www.securityfocus.com/bid/104447	Trust: 1.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7786	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-7786	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/40190	Trust: 0.6
url:	http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true	Trust: 0.3
url:	http://www.schneider-electric.com/en/download/document/sevd-2017-178-01/	Trust: 0.3

sources: CNVD: CNVD-2018-11391 // BID: 104447 // JVNDB: JVNDB-2018-007238 // CNNVD: CNNVD-201806-1168 // NVD: CVE-2018-7786

CREDITS

Wei Gao of Ixia and bigric3@360A-TEAM

Trust: 0.3

sources: BID: 104447

SOURCES

db:	IVD	id:	e2f293d0-39ab-11e9-bcbd-000c29342cb1
db:	CNVD	id:	CNVD-2018-11391
db:	BID	id:	104447
db:	JVNDB	id:	JVNDB-2018-007238
db:	CNNVD	id:	CNNVD-201806-1168
db:	NVD	id:	CVE-2018-7786

LAST UPDATE DATE

2024-11-23T20:15:57.343000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-11391	date:	2018-06-13T00:00:00
db:	BID	id:	104447	date:	2018-06-12T00:00:00
db:	JVNDB	id:	JVNDB-2018-007238	date:	2018-10-01T00:00:00
db:	CNNVD	id:	CNNVD-201806-1168	date:	2018-06-26T00:00:00
db:	NVD	id:	CVE-2018-7786	date:	2024-11-21T04:12:43.973

SOURCES RELEASE DATE

db:	IVD	id:	e2f293d0-39ab-11e9-bcbd-000c29342cb1	date:	2018-06-13T00:00:00
db:	CNVD	id:	CNVD-2018-11391	date:	2018-06-13T00:00:00
db:	BID	id:	104447	date:	2018-06-12T00:00:00
db:	JVNDB	id:	JVNDB-2018-007238	date:	2018-09-12T00:00:00
db:	CNNVD	id:	CNNVD-201806-1168	date:	2018-06-26T00:00:00
db:	NVD	id:	CVE-2018-7786	date:	2018-07-03T14:29:01.633