Software Flaw Allows Acceptance of Invalid Data
CVE-2022-33861
5.1MEDIUM
Summary
The IPP software developed by Eaton prior to version 1.71 suffers from a data validation issue where it fails to adequately verify the authenticity of incoming data. This vulnerability could potentially allow attackers to exploit the system by feeding invalid data that the software accepts, thereby impacting the integrity of data processing and overall system security. This situation emphasizes the necessity for robust data authentication mechanisms to safeguard against unauthorized access and manipulation.
Affected Version(s)
Intelligent Power Protector 0 < 1.71
References
CVSS V3.1
Score:
5.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved