E18-0ozv1
CVSS:
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
False Positive:
f
Variants:
1
Year:
2018
Description
This strike exploits a directory traversal vulnerability in Schneider Electric U.motion Builde.
The vulnerability is due to improper validation of input of context parameter in HTTP GET request, which could allow the disclosure of sensitive information.