Medium severity5.7NVD Advisory· Published Apr 16, 2026· Updated Apr 22, 2026
CVE-2026-22617
CVE-2026-22617
Description
Eaton Intelligent Power Protector (IPP) uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie and exploit it through a man‑in‑the‑middle attack. This security issue has been fixed in the latest version of Eaton IPP software which is available on the Eaton download centre.
Affected products
2cpe:2.3:a:eaton:intelligent_power_protector:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:eaton:intelligent_power_protector:*:*:*:*:*:*:*:*range: <2.00
- (no CPE)
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.