CVE-2021-23288
Summary
| CVE | CVE-2021-23288 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-04-01 23:15:00 UTC |
| Updated | 2022-04-09 00:40:00 UTC |
| Description | The vulnerability exists due to insufficient validation of input from certain resources by the IPP software. The attacker would need access to the local Subnet and an administrator interaction to compromise the system. This issue affects: Intelligent Power Protector versions prior to 1.69. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Eaton | Intelligent Power Protector | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/securit... | MISC | www.eaton.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: Eaton thanks the below researchers for the coordinated support on the security vulnerabilities: - • CVE-2021-23288 – Andreas Finstad and Arthur Donkers
There are currently no legacy QID mappings associated with this CVE.