The official site for Saudi CERT
Eaton Update
3086
Warning Date
Severity Level
Warning Number
Target Sector
12 May, 2022
● Medium
2022-4822
All
Eaton has released security update to address multiple vulnerabilities in the following product :
- Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure): All versions including v1.5.0 plus205
- Eaton Intelligent Power Protector (IPP): All versions prior to v1.69 release 166
- Eaton Intelligent Power Manager (IPM) v1: All versions prior to v1.70
Attacker could exploit these vulnerabilities by doing the following:
- Improper input validation
- Cross-site scripting (XSS)
The CERT team encourages users to review Eaton security advisory and apply the necessary update:
- https://www.eaton.com/us/en-us/catalog/backup-power-ups-surge-it-power-distribution/software-downloads.html
- https://www.eaton.com/content/dam/eaton/products/backup-power-ups-surge-it-power-distribution/power-management-software-connectivity/eaton-intelligent-power-manager/software/ipm-understand-edition-emea/eaton-ipminfra-eolmemo-en-us.pdf
- https://www.eaton.com/us/en-us/digital/brightlayer/brightlayer-data-centers-suite/disaster-avoidance-software.html
Rate the content
Share the page
