CVE-2023-29411
9.8CRITICALA CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow changes to administrative credentials, leading to potential remote code execution without requiring prior
Veröffentlicht: 4/18/2023Aktualisiert: 11/21/2024
Beschreibung
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow changes to administrative credentials, leading to potential remote code execution without requiring prior authentication on the Java RMI interface.
KI-AnalyseKI-gestützt
Betroffene Produkte
schneider-electricapc_easy_ups_online_monitoring_software
microsoftwindows_10
-
microsoftwindows_11
-
microsoftwindows_server_2016
-
microsoftwindows_server_2019
-
microsoftwindows_server_2022
-
schneider-electriceasy_ups_online_monitoring_software
microsoftwindows_10
-
microsoftwindows_11
-
microsoftwindows_server_2016
-
microsoftwindows_server_2019
-
microsoftwindows_server_2022
-
Referenzen
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-04.pdfMitigationPatchVendor Advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-04.pdfMitigationPatchVendor Advisory