Details of VAR-201807-1860

ID

VAR-201807-1860

CVE

CVE-2018-7787

TITLE

Schneider Electric U.motion Builder Software Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-007239

DESCRIPTION

In Schneider Electric U.motion Builder software versions prior to v1.3.4, this vulnerability is due to improper validation of input of context parameter in HTTP GET request. A stack-based buffer-overflow vulnerability 2. An OS command-injection vulnerability 3. A cross-site scripting vulnerability 4. An information-disclosure vulnerability Exploiting these issues could allow an attacker to bypass authentication mechanism, to execute arbitrary script code in the browser of an unsuspecting user, obtain sensitive information, execute arbitrary code and perform unauthorized actions. Failed exploits can result in a denial-of-service condition. Versions prior to U.motion Builder 1.3.4 are vulnerable

Trust: 2.61

sources: NVD: CVE-2018-7787 // JVNDB: JVNDB-2018-007239 // CNVD: CNVD-2018-11390 // BID: 104447 // IVD: e2f293d1-39ab-11e9-ac4a-000c29342cb1

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: e2f293d1-39ab-11e9-ac4a-000c29342cb1 // CNVD: CNVD-2018-11390

AFFECTED PRODUCTS

vendor:	schneider electric	model:	u.motion builder	scope:	lt	version:	1.3.4	Trust: 1.0
vendor:	schneider electric	model:	u.motion builder	scope:	eq	version:	1.2.1	Trust: 0.9
vendor:	schneider electric	model:	u.motion builder software	scope:	lt	version:	1.3.4	Trust: 0.8
vendor:	schneider	model:	electric u.motion builder	scope:	lt	version:	1.3.4	Trust: 0.6
vendor:	schneider electric	model:	u.motion builder	scope:	eq	version:	1.0.1	Trust: 0.3
vendor:	schneider electric	model:	u.motion builder	scope:	ne	version:	1.3.4	Trust: 0.3
vendor:	u motion builder	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: e2f293d1-39ab-11e9-ac4a-000c29342cb1 // CNVD: CNVD-2018-11390 // BID: 104447 // JVNDB: JVNDB-2018-007239 // CNNVD: CNNVD-201806-1169 // NVD: CVE-2018-7787

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-7787
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-7787
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2018-11390
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201806-1169
value:	MEDIUM
Trust: 0.6
IVD:	e2f293d1-39ab-11e9-ac4a-000c29342cb1
value:	MEDIUM
Trust: 0.2

nvd@nist.gov:	CVE-2018-7787
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-11390
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2f293d1-39ab-11e9-ac4a-000c29342cb1
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2018-7787
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.8

sources: IVD: e2f293d1-39ab-11e9-ac4a-000c29342cb1 // CNVD: CNVD-2018-11390 // JVNDB: JVNDB-2018-007239 // CNNVD: CNNVD-201806-1169 // NVD: CVE-2018-7787

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2018-007239 // NVD: CVE-2018-7787

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-1169

TYPE

Input validation

Trust: 0.8

sources: IVD: e2f293d1-39ab-11e9-ac4a-000c29342cb1 // CNNVD: CNNVD-201806-1169

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-007239

PATCH

title:	SEVD-2018-151-01	url:	https://www.schneider-electric.com/en/download/document/SEVD-2018-151-01/	Trust: 0.8
title:	Patch for Schneider Electric U.motion Builder Information Disclosure Vulnerability (CNVD-2018-11390)	url:	https://www.cnvd.org.cn/patchInfo/show/131855	Trust: 0.6
title:	Schneider Electric U.motion Builder Enter the fix for the verification vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81474	Trust: 0.6

sources: CNVD: CNVD-2018-11390 // JVNDB: JVNDB-2018-007239 // CNNVD: CNNVD-201806-1169

EXTERNAL IDS

db:	NVD	id:	CVE-2018-7787	Trust: 3.5
db:	ICS CERT	id:	ICSA-18-163-01	Trust: 2.3
db:	SCHNEIDER	id:	SEVD-2018-151-01	Trust: 1.9
db:	BID	id:	104447	Trust: 1.3
db:	CNVD	id:	CNVD-2018-11390	Trust: 0.8
db:	CNNVD	id:	CNNVD-201806-1169	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-007239	Trust: 0.8
db:	NSFOCUS	id:	40191	Trust: 0.6
db:	SCHNEIDER	id:	SEVD-2017-178-01	Trust: 0.3
db:	IVD	id:	E2F293D1-39AB-11E9-AC4A-000C29342CB1	Trust: 0.2

sources: IVD: e2f293d1-39ab-11e9-ac4a-000c29342cb1 // CNVD: CNVD-2018-11390 // BID: 104447 // JVNDB: JVNDB-2018-007239 // CNNVD: CNNVD-201806-1169 // NVD: CVE-2018-7787

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-18-163-01	Trust: 2.3
url:	https://www.schneider-electric.com/en/download/document/sevd-2018-151-01/	Trust: 1.9
url:	http://www.securityfocus.com/bid/104447	Trust: 1.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7787	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-7787	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/40191	Trust: 0.6
url:	http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true	Trust: 0.3
url:	http://www.schneider-electric.com/en/download/document/sevd-2017-178-01/	Trust: 0.3

sources: CNVD: CNVD-2018-11390 // BID: 104447 // JVNDB: JVNDB-2018-007239 // CNNVD: CNNVD-201806-1169 // NVD: CVE-2018-7787

CREDITS

Wei Gao of Ixia and bigric3@360A-TEAM

Trust: 0.3

sources: BID: 104447

SOURCES

db:	IVD	id:	e2f293d1-39ab-11e9-ac4a-000c29342cb1
db:	CNVD	id:	CNVD-2018-11390
db:	BID	id:	104447
db:	JVNDB	id:	JVNDB-2018-007239
db:	CNNVD	id:	CNNVD-201806-1169
db:	NVD	id:	CVE-2018-7787

LAST UPDATE DATE

2024-11-23T21:12:51.528000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-11390	date:	2018-06-13T00:00:00
db:	BID	id:	104447	date:	2018-06-12T00:00:00
db:	JVNDB	id:	JVNDB-2018-007239	date:	2018-10-01T00:00:00
db:	CNNVD	id:	CNNVD-201806-1169	date:	2018-06-26T00:00:00
db:	NVD	id:	CVE-2018-7787	date:	2024-11-21T04:12:44.083

SOURCES RELEASE DATE

db:	IVD	id:	e2f293d1-39ab-11e9-ac4a-000c29342cb1	date:	2018-06-13T00:00:00
db:	CNVD	id:	CNVD-2018-11390	date:	2018-06-13T00:00:00
db:	BID	id:	104447	date:	2018-06-12T00:00:00
db:	JVNDB	id:	JVNDB-2018-007239	date:	2018-09-12T00:00:00
db:	CNNVD	id:	CNNVD-201806-1169	date:	2018-06-26T00:00:00
db:	NVD	id:	CVE-2018-7787	date:	2018-07-03T14:29:01.680