CVE-2018-7841

Summary

A SQL Injection (CWE-89) vulnerability exists in U.motion Builder software version 1.3.4 which could cause unwanted code execution when an improper set of characters is entered.

Affected Software

VendorProductVersion RangeStatus
U.motionU.motion Builder software version 1.3.4U.motion Builder software version 1.3.4affected

Weaknesses

  • SQL Injection

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: yes
    • Technical Impact: total

Additional References

References