Vulnerabilities > Eaton > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-13 | CVE-2024-31414 | Cross-site Scripting vulnerability in Eaton Foreseer Electrical Power Monitoring System The Eaton Foreseer software provides users the capability to customize the dashboard in WebView pages. | 6.1 |
2024-09-13 | CVE-2024-31416 | Improper Validation of Specified Quantity in Input vulnerability in Eaton Foreseer Electrical Power Monitoring System The Eaton Foreseer software provides multiple customizable input fields for the users to configure parameters in the tool like alarms, reports, etc. | 6.5 |
2023-10-17 | CVE-2023-43776 | Inadequate Encryption Strength vulnerability in Eaton products Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure connection and prevent unauthorized access. | 6.6 |
2023-10-17 | CVE-2023-43777 | Insufficiently Protected Credentials vulnerability in Eaton Easysoft Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. | 6.5 |
2023-09-27 | CVE-2023-43775 | Unspecified vulnerability in Eaton products Denial-of-service vulnerability in the web server of the Eaton SMP Gateway allows attacker to potentially force an unexpected restart of the automation platform, impacting the availability of the product. | 5.3 |
2022-04-19 | CVE-2021-23283 | Cross-site Scripting vulnerability in Eaton Intelligent Power Protector Eaton Intelligent Power Protector (IPP) prior to version 1.69 is vulnerable to stored Cross Site Scripting. | 5.4 |
2022-04-18 | CVE-2021-23284 | Cross-site Scripting vulnerability in Eaton Intelligent Power Manager Infrastructure 1.5.0Plus205 Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to Stored Cross-site Scripting vulnerability. | 4.8 |
2022-04-18 | CVE-2021-23285 | Cross-site Scripting vulnerability in Eaton Intelligent Power Manager Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to reflected Cross-site Scripting vulnerability. | 4.8 |
2022-04-01 | CVE-2021-23287 | Cross-site Scripting vulnerability in Eaton Intelligent Power Manager 1.6/1.67/1.69 The vulnerability exists due to insufficient validation of input of certain resources within the IPM software. | 5.4 |
2022-04-01 | CVE-2021-23288 | Cross-site Scripting vulnerability in Eaton Intelligent Power Protector The vulnerability exists due to insufficient validation of input from certain resources by the IPP software. | 4.8 |