Vulnerability Details CVE-2021-23288
The vulnerability exists due to insufficient validation of input from certain resources by the IPP software. The attacker would need access to the local Subnet and an administrator interaction to compromise the system. This issue affects: Intelligent Power Protector versions prior to 1.69.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.8%
CVSS Severity
CVSS v3 Score 5.6
CVSS v2 Score 2.3
References
- https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Intelligent-Power-Protector-Vulnerability-Advisory_1002b_V1.0.pdf
- https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Intelligent-Power-Protector-Vulnerability-Advisory_1002b_V1.0.pdf
Products affected by CVE-2021-23288
-
cpe:2.3:a:eaton:intelligent_power_protector:1.10
-
cpe:2.3:a:eaton:intelligent_power_protector:1.20
-
cpe:2.3:a:eaton:intelligent_power_protector:1.28
-
cpe:2.3:a:eaton:intelligent_power_protector:1.30
-
cpe:2.3:a:eaton:intelligent_power_protector:1.42
-
cpe:2.3:a:eaton:intelligent_power_protector:1.50
-
cpe:2.3:a:eaton:intelligent_power_protector:1.52
-
cpe:2.3:a:eaton:intelligent_power_protector:1.53
-
cpe:2.3:a:eaton:intelligent_power_protector:1.61
-
cpe:2.3:a:eaton:intelligent_power_protector:1.66
-
cpe:2.3:a:eaton:intelligent_power_protector:1.67
-
cpe:2.3:a:eaton:intelligent_power_protector:1.68