Medium severity5.3NVD Advisory· Published Sep 26, 2017· Updated May 13, 2026

CVE-2017-9960

Description

An information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system response to error provides more information than should be available to an unauthenticated user.

Affected products

Schneider Electric/U.motion Builder
cpe:2.3:a:schneider-electric:u.motion_builder:*:*:*:*:*:*:*:*
Range: <=1.2.1
Schneider Electric SE/U.Motionv5
Range: U.motion Builder Versions 1.2.1 and prior.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.schneider-electric.com/en/download/document/SEVD-2017-178-01/nvdVendor Advisory
www.securityfocus.com/bid/99344nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.345
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000