Security issues in Intelligent Power Manager (IPM 1)
CVE-2021-23287

5.6MEDIUM

Key Information:

Vendor
Eaton
Status
Intelligent Power Manager (ipm 1)
Vendor
CVE Published:
1 April 2022

Summary

The vulnerability exists due to insufficient validation of input of certain resources within the IPM software. This issue affects: Intelligent Power Manager (IPM 1) versions prior to 1.70.

Affected Version(s)

Intelligent Power Manager (IPM 1) < 1.70

References

https://www.eaton.com/content/dam/eaton/company/news-insi...
x_refsource_MISC

CVSS V3.1

Score:
5.6
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Eaton thanks the below researchers for the coordinated support on the security vulnerabilities: - • CVE-2021-23287 – Andreas Finstad and Arthur Donkers
.
CVE-2021-23287 : Security issues in Intelligent Power Manager (IPM 1) | SecurityVulnerability.io