CVE-2021-23286

Summary

Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to CSV Formula Injection. This issue affects: Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) all version 1.5.0plus205 and prior versions.

Affected Software

VendorProductVersion RangeStatus
EatonIntelligent Power Manager Infrastructure (IPM Infrastructure)all <= 1.5.0plus205affected

Weaknesses

  • CWE-1236: CWE-1236: Improper Neutralization of Formula Elements in a CSV File

ADP Enrichment

CVE Program Container

Additional References

References