CVE-2021-23286
Security issues in Eaton Intelligent Power Manager Infrastructure
Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to CSV Formula Injection. This issue affects: Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) all version 1.5.0plus205 and prior versions.
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H
Productos afectados
Eaton · Intelligent Power Manager Infrastructure (IPM Infrastructure)¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Intelligent-Power-Manager-%28IPM%29-Infrastructure-Vulnerability-Advisory_1001c_V1.0.pdfhttps://www.eaton.com/content/dam/eaton/products/backup-power-ups-surge-it-power-distribution/power-management-software-connectivity/eaton-intelligent-power-manager/software/ipm-understand-edition-emea/eaton-ipminfra-eolmemo-en-us.pdf.