Vulnerability Details CVE-2023-29412
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command
Injection') vulnerability exists that could cause remote code execution when manipulating
internal methods through Java RMI interface.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.066
EPSS Ranking 90.7%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-29412
-
cpe:2.3:a:schneider-electric:apc_easy_ups_online_monitoring_software:2.5-ga
-
cpe:2.3:a:schneider-electric:apc_easy_ups_online_monitoring_software:2.5-ga-01-22320
-
cpe:2.3:a:schneider-electric:easy_ups_online_monitoring_software:2.5-gs
-
cpe:2.3:a:schneider-electric:easy_ups_online_monitoring_software:2.5-gs-01-22320
-
cpe:2.3:o:microsoft:windows_10:-
-
cpe:2.3:o:microsoft:windows_11:-
-
cpe:2.3:o:microsoft:windows_server_2016:-
-
cpe:2.3:o:microsoft:windows_server_2019:-
-
cpe:2.3:o:microsoft:windows_server_2022:-