ByteOS Network

CVE Vulnerability Details :

CVE-2022-33862

PUBLISHED

More Info Official Page

Assigner-Eaton

Assigner Org ID-63703b7d-23e2-41ef-94b3-a3c6333f7759

Published At-25 Nov, 2024 | 08:54

Updated At-25 Nov, 2024 | 13:56

▼CVE Numbering Authority (CNA)

Improper access control mechanism in IPP

IPP software prior to v1.71 is vulnerable to default credential vulnerability. This could lead attackers to identify and access vulnerable systems.

Affected Products

Vendor

Eaton

Product

Intelligent Power Protector (IPP)

Default Status

unknown

Versions

Affected

From 0 before 1.71 (custom)

Problem Types

Type	CWE ID	Description
CWE	CWE-287	CWE-287 Improper Authentication

Type: CWE

CWE ID: CWE-287

Description: CWE-287 Improper Authentication

Metrics

Version	Base score	Base severity	Vector
3.1	6.7	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 6.7

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Solutions

Eaton has remediated the vulnerabilities in IPP software version 1.71.

References

Hyperlink	Resource
https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/ETN-VA-2022-1011.pdf	N/A

Hyperlink: https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/ETN-VA-2022-1011.pdf

Resource: N/A

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Affected Products

Vendor

eaton

Product

intelligent_power_protector

CPEs

cpe:2.3:a:eaton:intelligent_power_protector:*:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 before 1.71 (custom)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Affected

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References