Primary

Context

Eaton Intelligent Power Protector Insecure Cookie Configuration Vulnerability Allowing Man-in-the-Middle Attacks

Vulnerability

Patched

A vulnerability exists in Eaton Intelligent Power Protector (IPP) due to an insecure cookie configuration. This flaw could enable a network-based attacker to intercept cookies and exploit them in a man-in-the-middle attack. The issue has been addressed in the latest version of Eaton IPP software, available for download from the Eaton download center.

Impact

Exploitation of this vulnerability could lead to a man-in-the-middle attack, allowing an attacker to intercept and potentially manipulate cookie data.

Remediation

Users are advised to update to the latest version of Eaton Intelligent Power Protector software, available on the Eaton download center.

Added: Apr 16, 2026, 7:17 AM

Updated: Apr 16, 2026, 7:17 AM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

2.5

exploitability

4.0

remediation

7.7

relevance

6.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

2.5

exploitability

4.0

remediation

7.7

relevance

6.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Eaton Intelligent Power Protector Insecure Cookie Configuration Vulnerability Allowing Man-in-the-Middle Attacks

Vulnerability

Impact

Remediation

Affected Products

Eaton Intelligent Power Protector

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating