Version V2.5-GA-01-22320
OTHER
3 CVEs
Known Vulnerabilities
CVE-2023-29413
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause Denial-of-Service when accessed by an unauthenticated user on the Schneider UPS Monitor service.
HIGH
CVSS 7.5
Published Apr 18, 2023
CVE-2023-29412
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote code execution when manipulating internal methods through Java RMI interface.
CRITICAL
CVSS 9.8
Published Apr 18, 2023
CVE-2023-29411
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow changes to administrative credentials, leading to potential remote code execution without requiring prior authentication on the Java RMI interface.
CRITICAL
CVSS 9.8
Published Apr 18, 2023