Vulnerabilities > Eaton
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-19 | CVE-2021-23283 | Cross-site Scripting vulnerability in Eaton Intelligent Power Protector Eaton Intelligent Power Protector (IPP) prior to version 1.69 is vulnerable to stored Cross Site Scripting. | 3.5 |
| 2022-04-18 | CVE-2021-23284 | Cross-site Scripting vulnerability in Eaton Intelligent Power Manager Infrastructure Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to Stored Cross-site Scripting vulnerability. | 3.5 |
| 2022-04-18 | CVE-2021-23285 | Cross-site Scripting vulnerability in Eaton Intelligent Power Manager Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to reflected Cross-site Scripting vulnerability. | 3.5 |
| 2022-04-18 | CVE-2021-23286 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Eaton Intelligent Power Manager Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to CSV Formula Injection. | 7.9 |
| 2022-04-01 | CVE-2021-23287 | Cross-site Scripting vulnerability in Eaton Intelligent Power Manager 1.6/1.67/1.69 The vulnerability exists due to insufficient validation of input of certain resources within the IPM software. | 3.5 |
| 2022-04-01 | CVE-2021-23288 | Cross-site Scripting vulnerability in Eaton Intelligent Power Protector The vulnerability exists due to insufficient validation of input from certain resources by the IPP software. | 2.3 |
| 2021-01-07 | CVE-2020-6656 | Type Confusion vulnerability in Eaton Easysoft Eaton's easySoft software v7.xx prior to v7.22 are susceptible to file parsing type confusion remote code execution vulnerability. | 6.8 |
| 2021-01-07 | CVE-2020-6655 | Out-of-bounds Read vulnerability in Eaton Easysoft 7.20 The Eaton's easySoft software v7.xx prior to v7.22 are susceptible to Out-of-bounds remote code execution vulnerability. | 6.8 |
| 2020-09-30 | CVE-2020-6654 | Uncontrolled Search Path Element vulnerability in Eaton 9000X Programming and Configuration Software A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL. | 4.4 |
| 2020-08-12 | CVE-2020-6653 | Information Exposure vulnerability in Eaton Secureconnect 1.7.3 Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. | 2.1 |