{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T03:48:37.092","vulnerabilities":[{"cve":{"id":"CVE-2022-42971","sourceIdentifier":"cybersecurity@se.com","published":"2023-02-01T04:15:08.953","lastModified":"2024-11-21T07:25:42.773","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could cause remote code execution when the attacker uploads a malicious JSP file. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA), APC Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GA-01-22261), Schneider Electric Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GS), Schneider Electric Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GS-01-22261)"}],"metrics":{"cvssMetricV31":[{"source":"cybersecurity@se.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"cybersecurity@se.com","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:apc_easy_ups_online_monitoring_software:*:*:*:*:*:*:*:*","versionEndExcluding":"2.5-ga-01-22320","matchCriteriaId":"4B8FBFEF-F5DC-4F71-B990-B74C68733741"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:-:*","matchCriteriaId":"647F2145-B063-43EA-8045-32D3B4D893F6"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*","matchCriteriaId":"DB79EE26-FC32-417D-A49C-A1A63165A968"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*","matchCriteriaId":"821614DD-37DD-44E2-A8A4-FE8D23A33C3C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:easy_ups_online_monitoring_software:*:*:*:*:*:*:*:*","versionEndExcluding":"2.5-gs-01-22320","matchCriteriaId":"C587FB36-A05E-4925-B643-D52EE7AEF952"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:-:*","matchCriteriaId":"647F2145-B063-43EA-8045-32D3B4D893F6"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*","matchCriteriaId":"DB79EE26-FC32-417D-A49C-A1A63165A968"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*","matchCriteriaId":"821614DD-37DD-44E2-A8A4-FE8D23A33C3C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:apc_easy_ups_online_monitoring_software:*:*:*:*:*:*:*:*","versionEndExcluding":"2.5-ga","matchCriteriaId":"F73E8580-C9EF-4F21-A5D0-468D85BDDEE1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:-:*","matchCriteriaId":"E31E09C7-9F07-4FAE-8C38-16E75BC8A576"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:-:*","matchCriteriaId":"647F2145-B063-43EA-8045-32D3B4D893F6"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*","matchCriteriaId":"E33796DB-4523-4F04-B564-ADF030553D51"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*","matchCriteriaId":"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*","matchCriteriaId":"DB79EE26-FC32-417D-A49C-A1A63165A968"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*","matchCriteriaId":"821614DD-37DD-44E2-A8A4-FE8D23A33C3C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:easy_ups_online_monitoring_software:*:*:*:*:*:*:*:*","versionEndExcluding":"2.5-gs","matchCriteriaId":"D2CC95E9-44AE-4809-83DE-4AFDA682305B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:-:*","matchCriteriaId":"E31E09C7-9F07-4FAE-8C38-16E75BC8A576"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:-:*","matchCriteriaId":"647F2145-B063-43EA-8045-32D3B4D893F6"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*","matchCriteriaId":"E33796DB-4523-4F04-B564-ADF030553D51"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*","matchCriteriaId":"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*","matchCriteriaId":"DB79EE26-FC32-417D-A49C-A1A63165A968"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*","matchCriteriaId":"821614DD-37DD-44E2-A8A4-FE8D23A33C3C"}]}]}],"references":[{"url":"https://download.schneider-electric.com/files?p_Doc_SEVD-2022-347-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-347-01_Easy_UPS_Online_Monitoring_Software_Security_Notification.pdf","source":"cybersecurity@se.com","tags":["Patch","Vendor Advisory"]},{"url":"https://download.schneider-electric.com/files?p_Doc_SEVD-2022-347-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-347-01_Easy_UPS_Online_Monitoring_Software_Security_Notification.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}