The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. The vulnerability exists due to having an incorrect privilege matrix that allows users to have access to functions they should not.
References
Link | Resource |
---|---|
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1695.html | Vendor Advisory |
Configurations
History
19 Sep 2024, 01:52
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
First Time |
Rockwellautomation pavilion8
Rockwellautomation |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.1 |
CPE | cpe:2.3:a:rockwellautomation:pavilion8:*:*:*:*:*:*:*:* | |
References | () https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1695.html - Vendor Advisory | |
CWE | NVD-CWE-noinfo |
12 Sep 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-12 21:15
Updated : 2024-09-19 01:52
NVD link : CVE-2024-7960
Mitre link : CVE-2024-7960
CVE.ORG link : CVE-2024-7960
JSON object : View
Products Affected
rockwellautomation
- pavilion8
CWE