CVE-2021-23284

low-risk

Published 2022-04-18

Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to Stored Cross-site Scripting vulnerability. This issue affects: Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) all version 1.5.0plus205 and prior versions.

Do I need to act?

0.24% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.7/10 Medium

ADJACENT_NETWORK / LOW complexity

Affected Products (1)

Intelligent Power Manager Infrastructure

Affected Vendors

Eaton

References (4)

https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/secu...

Broken Link https://www.eaton.com/content/dam/eaton/products/backup-power-ups-surge-it-power...

https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/secu...

Broken Link https://www.eaton.com/content/dam/eaton/products/backup-power-ups-surge-it-power...

/ 100

low-risk

Severity 19/34 · Moderate

Exploitability 1/34 · Minimal

Exposure 5/34 · Minimal