Vulnerabilities > Schneider Electric > APC Easy UPS Online Monitoring Software > High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-04-18	CVE-2023-29413	Missing Authentication for Critical Function vulnerability in Schneider-Electric products A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause Denial-of-Service when accessed by an unauthenticated user on the Schneider UPS Monitor service. network low complexity schneider-electric CWE-306	7.5
2023-02-01	CVE-2022-42972	Incorrect Permission Assignment for Critical Resource vulnerability in Schneider-Electric products A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could cause local privilege escalation when a local attacker modifies the webroot directory. local low complexity schneider-electric CWE-732	7.8
2023-02-01	CVE-2022-42973	Use of Hard-coded Credentials vulnerability in Schneider-Electric products A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. local low complexity schneider-electric CWE-798	7.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.