Vulnerabilities > Eaton
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-13 | CVE-2024-31414 | Cross-site Scripting vulnerability in Eaton Foreseer Electrical Power Monitoring System The Eaton Foreseer software provides users the capability to customize the dashboard in WebView pages. | 6.1 |
| 2024-09-13 | CVE-2024-31415 | Insufficiently Protected Credentials vulnerability in Eaton Foreseer Electrical Power Monitoring System The Eaton Foreseer software provides the feasibility for the user to configure external servers for multiple purposes such as network management, user management, etc. | 8.1 |
| 2024-09-13 | CVE-2024-31416 | Improper Validation of Specified Quantity in Input vulnerability in Eaton Foreseer Electrical Power Monitoring System The Eaton Foreseer software provides multiple customizable input fields for the users to configure parameters in the tool like alarms, reports, etc. | 6.5 |
| 2023-10-17 | CVE-2023-43776 | Inadequate Encryption Strength vulnerability in Eaton products Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure connection and prevent unauthorized access. | 6.6 |
| 2023-10-17 | CVE-2023-43777 | Insufficiently Protected Credentials vulnerability in Eaton Easysoft Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. | 6.5 |
| 2023-09-27 | CVE-2023-43775 | Unspecified vulnerability in Eaton products Denial-of-service vulnerability in the web server of the Eaton SMP Gateway allows attacker to potentially force an unexpected restart of the automation platform, impacting the availability of the product. | 5.3 |
| 2022-10-28 | CVE-2022-33859 | Unrestricted Upload of File with Dangerous Type vulnerability in Eaton Foreseer Electrical Power Monitoring System 4.0/7.0/7.5 A security vulnerability was discovered in the Eaton Foreseer EPMS software. | 9.8 |
| 2022-04-19 | CVE-2021-23283 | Cross-site Scripting vulnerability in Eaton Intelligent Power Protector Eaton Intelligent Power Protector (IPP) prior to version 1.69 is vulnerable to stored Cross Site Scripting. | 3.5 |
| 2022-04-18 | CVE-2021-23284 | Cross-site Scripting vulnerability in Eaton Intelligent Power Manager Infrastructure 1.5.0Plus205 Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to Stored Cross-site Scripting vulnerability. | 4.8 |
| 2022-04-18 | CVE-2021-23285 | Cross-site Scripting vulnerability in Eaton Intelligent Power Manager Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to reflected Cross-site Scripting vulnerability. | 4.8 |