SecuritySpace - CVE-2017-7968

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2017-7968

Description: An Incorrect Default Permissions issue was discovered in Schneider Electric Wonderware InduSoft Web Studio v8.0 Patch 3 and prior versions. Upon installation, Wonderware InduSoft Web Studio creates a new directory and two files, which are placed in the system's path and can be manipulated by non-administrators. This could allow an authenticated user to escalate his or her privileges.

Test IDs: 1.3.6.1.4.1.25623.1.0.811264

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2017-7968
BugTraq ID: 98544
http://www.securityfocus.com/bid/98544
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-090-02
https://ics-cert.us-cert.gov/advisories/ICSA-17-138-02

CVE ID:	CVE-2017-7968
Description:	An Incorrect Default Permissions issue was discovered in Schneider Electric Wonderware InduSoft Web Studio v8.0 Patch 3 and prior versions. Upon installation, Wonderware InduSoft Web Studio creates a new directory and two files, which are placed in the system's path and can be manipulated by non-administrators. This could allow an authenticated user to escalate his or her privileges.
Test IDs:	1.3.6.1.4.1.25623.1.0.811264
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2017-7968 BugTraq ID: 98544 http://www.securityfocus.com/bid/98544 http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-090-02 https://ics-cert.us-cert.gov/advisories/ICSA-17-138-02