Описание
Incorrect Privilege Assignment vulnerability in Eaton's Intelligent Power Manager (IPM) v1.67 & prior allow non-admin users to upload the system configuration files by sending specially crafted requests. This can result in non-admin users manipulating the system configurations via uploading the configurations with incorrect parameters.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.67 (включая)
cpe:2.3:a:eaton:intelligent_power_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 15%
0.00049
Низкий
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-266
CWE-269
Связанные уязвимости
github
больше 3 лет назад
Incorrect Privilege Assignment vulnerability in Eaton's Intelligent Power Manager (IPM) v1.67 & prior allow non-admin users to upload the system configuration files by sending specially crafted requests. This can result in non-admin users manipulating the system configurations via uploading the configurations with incorrect parameters.
EPSS
Процентиль: 15%
0.00049
Низкий
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-266
CWE-269