Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistEatonCVELIST:CVE-2021-23288
HistoryApr 01, 2022 - 10:17 p.m.

CVE-2021-23288 Security issues in Intelligent Power Protector

2022-04-0122:17:34
CWE-79
Eaton
www.cve.org
4
cve-2021-23288
intelligent power protector
input validation

CVSS3

5.6

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H

AI Score

5.6

Confidence

High

EPSS

0

Percentile

12.6%

JSON

The vulnerability exists due to insufficient validation of input from certain resources by the IPP software. The attacker would need access to the local Subnet and an administrator interaction to compromise the system. This issue affects: Intelligent Power Protector versions prior to 1.69.

CNA Affected

[
  {
    "product": "Intelligent Power Protector",
    "vendor": "Eaton",
    "versions": [
      {
        "lessThan": "1.69",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

cve 1
nvd 1
prion 1
cve
cve
CVE-2021-23288
2022-04-01 23:15:08
nvd
nvd
CVE-2021-23288
2022-04-01 23:15:08
prion
prion
Input validation
2022-04-01 23:15:00

CVSS3

5.6

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H

AI Score

5.6

Confidence

High

EPSS

0

Percentile

12.6%

JSON
Related for CVELIST:CVE-2021-23288
cve1nvd1prion1