cnvd - cnvd-2021-30591

cnvd-2021-30591

Vulnerability from cnvd

Title: Eaton Intelligent Power Manager Eval注入漏洞

Description:

Eaton Intelligent Power Manager（IPM）是美国Eaton公司的一款智能电源管理器，它支持从界面远程监视和管理网络中的多个设备。

Eaton IPM 1.69之前版本存在Eval注入漏洞。该漏洞产生的原因是，程序在脚本/libs/utils.js的loadUserFile函数中的动态评估调用中使用用户的代码语法之前未对其进行正确中和。攻击者可利用该漏洞控制对该功能的输入并执行攻击者控制的命令。

Severity: 高

Patch Name: Eaton Intelligent Power Manager Eval注入漏洞的补丁

Patch Description:

Eaton Intelligent Power Manager（IPM）是美国Eaton公司的一款智能电源管理器，它支持从界面远程监视和管理网络中的多个设备。

Eaton IPM 1.69之前版本存在Eval注入漏洞。该漏洞产生的原因是，程序在脚本/libs/utils.js的loadUserFile函数中的动态评估调用中使用用户的代码语法之前未对其进行正确中和。攻击者可利用该漏洞控制对该功能的输入并执行攻击者控制的命令。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/eaton-intelligent-power-manager-ipm-vulnerability-advisory.pdf

Reference: https://nvd.nist.gov/vuln/detail/CVE-2021-23277

Impacted products

Name
Eaton Intelligent Power Manager <1.69

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-23277",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-23277"
    }
  },
  "description": "Eaton Intelligent Power Manager\uff08IPM\uff09\u662f\u7f8e\u56fdEaton\u516c\u53f8\u7684\u4e00\u6b3e\u667a\u80fd\u7535\u6e90\u7ba1\u7406\u5668\uff0c\u5b83\u652f\u6301\u4ece\u754c\u9762\u8fdc\u7a0b\u76d1\u89c6\u548c\u7ba1\u7406\u7f51\u7edc\u4e2d\u7684\u591a\u4e2a\u8bbe\u5907\u3002\n\nEaton IPM 1.69\u4e4b\u524d\u7248\u672c\u5b58\u5728Eval\u6ce8\u5165\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u4ea7\u751f\u7684\u539f\u56e0\u662f\uff0c\u7a0b\u5e8f\u5728\u811a\u672c/libs/utils.js\u7684loadUserFile\u51fd\u6570\u4e2d\u7684\u52a8\u6001\u8bc4\u4f30\u8c03\u7528\u4e2d\u4f7f\u7528\u7528\u6237\u7684\u4ee3\u7801\u8bed\u6cd5\u4e4b\u524d\u672a\u5bf9\u5176\u8fdb\u884c\u6b63\u786e\u4e2d\u548c\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63a7\u5236\u5bf9\u8be5\u529f\u80fd\u7684\u8f93\u5165\u5e76\u6267\u884c\u653b\u51fb\u8005\u63a7\u5236\u7684\u547d\u4ee4\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/eaton-intelligent-power-manager-ipm-vulnerability-advisory.pdf",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-30591",
  "openTime": "2021-04-25",
  "patchDescription": "Eaton Intelligent Power Manager\uff08IPM\uff09\u662f\u7f8e\u56fdEaton\u516c\u53f8\u7684\u4e00\u6b3e\u667a\u80fd\u7535\u6e90\u7ba1\u7406\u5668\uff0c\u5b83\u652f\u6301\u4ece\u754c\u9762\u8fdc\u7a0b\u76d1\u89c6\u548c\u7ba1\u7406\u7f51\u7edc\u4e2d\u7684\u591a\u4e2a\u8bbe\u5907\u3002\r\n\r\nEaton IPM 1.69\u4e4b\u524d\u7248\u672c\u5b58\u5728Eval\u6ce8\u5165\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u4ea7\u751f\u7684\u539f\u56e0\u662f\uff0c\u7a0b\u5e8f\u5728\u811a\u672c/libs/utils.js\u7684loadUserFile\u51fd\u6570\u4e2d\u7684\u52a8\u6001\u8bc4\u4f30\u8c03\u7528\u4e2d\u4f7f\u7528\u7528\u6237\u7684\u4ee3\u7801\u8bed\u6cd5\u4e4b\u524d\u672a\u5bf9\u5176\u8fdb\u884c\u6b63\u786e\u4e2d\u548c\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63a7\u5236\u5bf9\u8be5\u529f\u80fd\u7684\u8f93\u5165\u5e76\u6267\u884c\u653b\u51fb\u8005\u63a7\u5236\u7684\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Eaton Intelligent Power Manager Eval\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Eaton Intelligent Power Manager \u003c1.69"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-23277",
  "serverity": "\u9ad8",
  "submitTime": "2021-04-21",
  "title": "Eaton Intelligent Power Manager Eval\u6ce8\u5165\u6f0f\u6d1e"
}

CVE-2021-23277 (GCVE-0-2021-23277)

Vulnerability from cvelistv5

Published

2021-04-13 18:04

Modified

2024-09-16 18:38

Severity ?

8.3 (High) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')

Summary

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated eval injection vulnerability. The software does not neutralize code syntax from users before using in the dynamic evaluation call in loadUserFile function under scripts/libs/utils.js. Successful exploitation can allow attackers to control the input to the function and execute attacker controlled commands.

References

▼	URL	Tags
	https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/eaton-intelligent-power-manager-ipm-vulnerability-advisory.pdf	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Eaton	Intelligent Power manager (IPM)	Version: unspecified < 1.69

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T19:05:55.736Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/eaton-intelligent-power-manager-ipm-vulnerability-advisory.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intelligent Power manager (IPM)",
          "vendor": "Eaton",
          "versions": [
            {
              "lessThan": "1.69",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Amir Preminger from Claroty research"
        }
      ],
      "datePublic": "2021-04-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated eval injection vulnerability. The software does not neutralize code syntax from users before using in the dynamic evaluation call in loadUserFile function under scripts/libs/utils.js. Successful exploitation can allow attackers to control the input to the function and execute attacker controlled commands."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-95",
              "description": "CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-13T18:04:16",
        "orgId": "63703b7d-23e2-41ef-94b3-a3c6333f7759",
        "shortName": "Eaton"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/eaton-intelligent-power-manager-ipm-vulnerability-advisory.pdf"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "upgrade the software to latest version 1.69"
        }
      ],
      "source": {
        "advisory": "ETN-VA-2021-1000",
        "defect": [
          "ETN-VA-2021-1000"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Improper Neutralization of Directives in Dynamically Evaluated Code",
      "workarounds": [
        {
          "lang": "en",
          "value": "To prevent the exploitation of the issues and safeguard the software from malicious entities, Eaton recommends blocking ports 4679 \u0026 4680 at the enterprise network or home network where Intelligent Power Manager (IPM) software is installed and used"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "AKA": "Eval Injection",
          "ASSIGNER": "CybersecurityCOE@eaton.com",
          "DATE_PUBLIC": "2021-04-01T07:00:00.000Z",
          "ID": "CVE-2021-23277",
          "STATE": "PUBLIC",
          "TITLE": "Improper Neutralization of Directives in Dynamically Evaluated Code"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intelligent Power manager (IPM)",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "1.69"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Eaton"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Amir Preminger from Claroty research"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated eval injection vulnerability. The software does not neutralize code syntax from users before using in the dynamic evaluation call in loadUserFile function under scripts/libs/utils.js. Successful exploitation can allow attackers to control the input to the function and execute attacker controlled commands."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/eaton-intelligent-power-manager-ipm-vulnerability-advisory.pdf",
              "refsource": "MISC",
              "url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/eaton-intelligent-power-manager-ipm-vulnerability-advisory.pdf"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "upgrade the software to latest version 1.69"
          }
        ],
        "source": {
          "advisory": "ETN-VA-2021-1000",
          "defect": [
            "ETN-VA-2021-1000"
          ],
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "To prevent the exploitation of the issues and safeguard the software from malicious entities, Eaton recommends blocking ports 4679 \u0026 4680 at the enterprise network or home network where Intelligent Power Manager (IPM) software is installed and used"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "63703b7d-23e2-41ef-94b3-a3c6333f7759",
    "assignerShortName": "Eaton",
    "cveId": "CVE-2021-23277",
    "datePublished": "2021-04-13T18:04:16.126158Z",
    "dateReserved": "2021-01-08T00:00:00",
    "dateUpdated": "2024-09-16T18:38:30.132Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted