Lucene search
SchneiderCVELIST:CVE-2023-29413HistoryApr 18, 2023 - 8:50 p.m.
CVE-2023-29413
2023-04-1820:50:53
CWE-306
schneider
www.cve.org
cwe-306
missing authentication
denial-of-service
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
43.7%
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause
Denial-of-Service when accessed by an unauthenticated user on the Schneider UPS Monitor
service.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "APC Easy UPS Online Monitoring Software (Windows 10, 11 Windows Server 2016, 2019, 2022)",
"vendor": "Schneider Electric",
"versions": [
{
"lessThanOrEqual": "prior",
"status": "affected",
"version": "V2.5-GA-01-22320",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Schneider Electric Easy UPS Online Monitoring Software (Windows 10, 11 Windows Server 2016, 2019, 2022)",
"vendor": "Schneider Electric",
"versions": [
{
"lessThanOrEqual": "prior",
"status": "affected",
"version": "V2.5-GS-01-22320",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-29413
2023-04-18 21:15:09
cve
cve
CVE-2023-29413
2023-04-18 21:15:09
zdi
zdi
prion
prion
Authentication flaw
2023-04-18 21:15:00
malwarebytes
malwarebytes
APC warns about critical vulnerabilities in online UPS monitoring software
2023-04-26 03:00:00
ics
ics
Schneider Electric APC Easy UPS Online Monitoring Software (Update A)
2024-06-11 12:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
43.7%
Related for CVELIST:CVE-2023-29413