Eaton Intelligent Power Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Eaton Intelligent Power Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2021-23281 — CVSS 10.0 (critical): Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated remote code execution vulnerability. IPM software does…
CVE-2018-12031 — CVSS 9.8 (critical): Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory…
CVE-2020-6651 — CVSS 8.8 (high): Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v 1.67 & prior on file name during configuration file import…
CVE-2021-23278 — CVSS 8.7 (high): Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file delete vulnerability induced due to…
CVE-2021-23277 — CVSS 8.3 (high): Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated eval injection vulnerability. The software does not…
CVE-2021-23279 — CVSS 8.0 (high): Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated arbitrary file delete vulnerability induced due to…
CVE-2021-23280 — CVSS 8.0 (high): Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file upload vulnerability. IPM’s maps_srv.js…
CVE-2020-6652 — CVSS 7.8 (high): Incorrect Privilege Assignment vulnerability in Eaton's Intelligent Power Manager (IPM) v1.67 & prior allow non-admin users to upload the…
CVE-2021-23276 — CVSS 7.1 (high): Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated SQL injection. A malicious user can send a specially…
CVE-2021-23286 — CVSS 5.7 (medium): Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to CSV…
CVE-2021-23287 — CVSS 5.6 (medium): The vulnerability exists due to insufficient validation of input of certain resources within the IPM software. This issue affects…
CVE-2021-23285 — CVSS 3.1 (low): Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to reflected…