Vulnerabilities > Eaton > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-09-13 CVE-2024-31414 Cross-site Scripting vulnerability in Eaton Foreseer Electrical Power Monitoring System
The Eaton Foreseer software provides users the capability to customize the dashboard in WebView pages.
network
low complexity
eaton CWE-79
6.1
2024-09-13 CVE-2024-31416 Improper Validation of Specified Quantity in Input vulnerability in Eaton Foreseer Electrical Power Monitoring System
The Eaton Foreseer software provides multiple customizable input fields for the users to configure parameters in the tool like alarms, reports, etc.
network
low complexity
eaton CWE-1284
6.5
2023-10-17 CVE-2023-43776 Inadequate Encryption Strength vulnerability in Eaton products
Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure connection and prevent unauthorized access.
low complexity
eaton CWE-326
6.6
2023-10-17 CVE-2023-43777 Insufficiently Protected Credentials vulnerability in Eaton Easysoft
Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays.
network
low complexity
eaton CWE-522
6.5
2023-09-27 CVE-2023-43775 Unspecified vulnerability in Eaton products
Denial-of-service vulnerability in the web server of the Eaton SMP Gateway allows attacker to potentially force an unexpected restart of the automation platform, impacting the availability of the product.
network
low complexity
eaton
5.3
2022-04-19 CVE-2021-23283 Cross-site Scripting vulnerability in Eaton Intelligent Power Protector
Eaton Intelligent Power Protector (IPP) prior to version 1.69 is vulnerable to stored Cross Site Scripting.
network
low complexity
eaton CWE-79
5.4
2022-04-18 CVE-2021-23284 Cross-site Scripting vulnerability in Eaton Intelligent Power Manager Infrastructure 1.5.0Plus205
Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to Stored Cross-site Scripting vulnerability.
network
low complexity
eaton CWE-79
4.8
2022-04-18 CVE-2021-23285 Cross-site Scripting vulnerability in Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to reflected Cross-site Scripting vulnerability.
network
low complexity
eaton CWE-79
4.8
2022-04-01 CVE-2021-23287 Cross-site Scripting vulnerability in Eaton Intelligent Power Manager 1.6/1.67/1.69
The vulnerability exists due to insufficient validation of input of certain resources within the IPM software.
network
low complexity
eaton CWE-79
5.4
2022-04-01 CVE-2021-23288 Cross-site Scripting vulnerability in Eaton Intelligent Power Protector
The vulnerability exists due to insufficient validation of input from certain resources by the IPP software.
low complexity
eaton CWE-79
4.8