3 matches found
CVE-2023-29411
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allowchanges to administrative credentials, leading to potential remote code execution withoutrequiring prior authentication on the Java RMI interface.
CVE-2023-29412
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS CommandInjection') vulnerability exists that could cause remote code execution when manipulatinginternal methods through Java RMI interface.
CVE-2023-29413
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could causeDenial-of-Service when accessed by an unauthenticated user on the Schneider UPS Monitorservice.