Vulnerabilities > Eaton
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-17 | CVE-2023-43776 | Inadequate Encryption Strength vulnerability in Eaton products Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure connection and prevent unauthorized access. | 6.6 |
| 2023-10-17 | CVE-2023-43777 | Insufficiently Protected Credentials vulnerability in Eaton Easysoft Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. | 6.5 |
| 2023-09-27 | CVE-2023-43775 | Unspecified vulnerability in Eaton products Denial-of-service vulnerability in the web server of the Eaton SMP Gateway allows attacker to potentially force an unexpected restart of the automation platform, impacting the availability of the product. | 5.3 |
| 2022-10-28 | CVE-2022-33859 | Unrestricted Upload of File with Dangerous Type vulnerability in Eaton Foreseer Electrical Power Monitoring System 4.0/7.0/7.5 A security vulnerability was discovered in the Eaton Foreseer EPMS software. | 9.8 |
| 2022-04-19 | CVE-2021-23283 | Cross-site Scripting vulnerability in Eaton Intelligent Power Protector Eaton Intelligent Power Protector (IPP) prior to version 1.69 is vulnerable to stored Cross Site Scripting. | 3.5 |
| 2022-04-18 | CVE-2021-23284 | Cross-site Scripting vulnerability in Eaton Intelligent Power Manager Infrastructure 1.5.0Plus205 Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to Stored Cross-site Scripting vulnerability. | 4.8 |
| 2022-04-18 | CVE-2021-23285 | Cross-site Scripting vulnerability in Eaton Intelligent Power Manager Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to reflected Cross-site Scripting vulnerability. | 4.8 |
| 2022-04-18 | CVE-2021-23286 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Eaton Intelligent Power Manager Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to CSV Formula Injection. | 8.0 |
| 2022-04-01 | CVE-2021-23287 | Cross-site Scripting vulnerability in Eaton Intelligent Power Manager 1.6/1.67/1.69 The vulnerability exists due to insufficient validation of input of certain resources within the IPM software. | 3.5 |
| 2022-04-01 | CVE-2021-23288 | Cross-site Scripting vulnerability in Eaton Intelligent Power Protector The vulnerability exists due to insufficient validation of input from certain resources by the IPP software. | 2.3 |