What is the vulnerability ID of this issue?

The vulnerability ID is CVE-2022-42973.

What is the severity level of CVE-2022-42973?

The severity level of CVE-2022-42973 is high.

How does CVE-2022-42973 affect APC Easy UPS Online Monitoring Software?

CVE-2022-42973 affects APC Easy UPS Online Monitoring Software versions prior to V2.5-GA.

How does CVE-2022-42973 affect Microsoft Windows?

CVE-2022-42973 does not affect Microsoft Windows 11, Windows Server 2019, Windows Server 2022, Windows 10, Windows 7, or Windows Server 2016.

Is there a security notification available for CVE-2022-42973?

Yes, you can find the Security Notification for CVE-2022-42973 at this URL: [link](https://download.schneider-electric.com/files?p_Doc_SEVD-2022-347-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-347-01_Easy_UPS_Online_Monitoring_Software_Security_Notification.pdf).

Vulnerability/
CVE-2022-42973

high

7.8

CWE

798

1/2/2023

8/2/2023

CVE-2022-42973

First published: Wed Feb 01 2023(Updated: )

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA), APC Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GA-01-22261), Schneider Electric Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GS), Schneider Electric Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GS-01-22261)

Credit: cybersecurity@se.com

Affected Software	Affected Version	How to fix
Schneider-electric Apc Easy Ups Online Monitoring Software	<2.5-ga-01-22320
Microsoft Windows 11
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Schneider-electric Easy Ups Online Monitoring Software	<2.5-gs-01-22320
Schneider-electric Apc Easy Ups Online Monitoring Software	<2.5-ga
Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows Server 2016
Schneider-electric Easy Ups Online Monitoring Software	<2.5-gs

Never miss a vulnerability like this again

Reference Links

https://download.schneider-electric.com/files?p_Doc_SEVD-2022-347-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-347-01_Easy_UPS_Online_Monitoring_Software_Security_Notification.pdf

Frequently Asked Questions

What is the vulnerability ID of this issue?
The vulnerability ID is CVE-2022-42973.
What is the severity level of CVE-2022-42973?
The severity level of CVE-2022-42973 is high.
How does CVE-2022-42973 affect APC Easy UPS Online Monitoring Software?
CVE-2022-42973 affects APC Easy UPS Online Monitoring Software versions prior to V2.5-GA.
How does CVE-2022-42973 affect Microsoft Windows?
CVE-2022-42973 does not affect Microsoft Windows 11, Windows Server 2019, Windows Server 2022, Windows 10, Windows 7, or Windows Server 2016.
Is there a security notification available for CVE-2022-42973?
Yes, you can find the Security Notification for CVE-2022-42973 at this URL: [link](https://download.schneider-electric.com/files?p_Doc_SEVD-2022-347-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-347-01_Easy_UPS_Online_Monitoring_Software_Security_Notification.pdf).

agent/severity
agent/references
agent/author
agent/type
agent/weakness
agent/description
agent/event
agent/last-modified-date
agent/remedy
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/schneider-electric
canonical/schneider-electric apc easy ups online monitoring software
vendor/microsoft
canonical/microsoft windows 11
canonical/microsoft windows server 2019
canonical/microsoft windows server 2022
canonical/schneider-electric easy ups online monitoring software
canonical/microsoft windows 10
canonical/microsoft windows 7
canonical/microsoft windows server 2016