CVE-2023-29463
Published: 2023-09-12
Priority: P4 (27) | Severity: Medium, CVSS 3.1 base score 5.4
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N (network-reachable, low attack complexity, low privileges required, no user interaction, unchanged scope, low confidentiality and integrity impact, no availability impact). Note that the CISA ICS advisory further down rates the same issue CVSS v3 8.8; the two sources disagree on impact.
EPSS
0.78%
51.2nd percentile
The JMX Console within Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. If exploited, a malicious user could potentially retrieve other application users' session data and/or log users out of their sessions.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockwell_automation | pavilion8 | — | — |
| rockwellautomation | pavilion8 | < 5.20 | 5.20 |
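The check a practitioner would run before and after upgrading is simply: does the console URL answer a request that carries no credentials? The script below is an added example, not code from the advisory, the vendor or any source on this page. The paths (`/open-console/`, `/secured-console/`), the loopback demo server and its responses are constructed placeholders; this page does not give Pavilion8's real console path, so point `probe()` at your own instance's URL.

```python
"""Check whether an HTTP JMX console answers without credentials.

Added example; the paths, demo server and responses are constructed
placeholders, not Pavilion8's real console (this page does not give it).
"""
import base64
import threading
import urllib.error
import urllib.request
from dataclasses import dataclass
from http.server import BaseHTTPRequestHandler, HTTPServer
from typing import Optional, Tuple

# Verdicts returned by probe(). A 2xx answer when credentials=None is the
# unauthenticated exposure that CVE-2023-29463 describes.
ACCESSIBLE = "accessible"        # 2xx
AUTH_REQUIRED = "auth-required"  # 401 or 403
UNREACHABLE = "unreachable"      # connection refused, DNS failure, timeout


@dataclass
class ProbeResult:
    verdict: str
    status: Optional[int]
    looks_like_jmx: bool  # body mentions MBeans/JMX, i.e. a console page rather than a placeholder


def classify(status: int) -> str:
    """Map an HTTP status code to a verdict string."""
    if 200 <= status < 300:
        return ACCESSIBLE
    if status in (401, 403):
        return AUTH_REQUIRED
    return f"other:{status}"


def probe(url: str, credentials: Optional[Tuple[str, str]] = None,
          timeout: float = 5.0) -> ProbeResult:
    """GET url, adding HTTP Basic credentials only if given, and classify the reply."""
    req = urllib.request.Request(url, headers={"User-Agent": "jmx-console-check"})
    if credentials is not None:
        token = base64.b64encode(f"{credentials[0]}:{credentials[1]}".encode()).decode()
        req.add_header("Authorization", f"Basic {token}")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            status, body = resp.status, resp.read().decode(errors="replace")
    except urllib.error.HTTPError as err:  # 4xx/5xx replies still carry a status code
        status, body = err.code, err.read().decode(errors="replace")
    except (urllib.error.URLError, OSError):
        return ProbeResult(UNREACHABLE, None, False)
    text = body.lower()
    return ProbeResult(classify(status), status, "mbean" in text or "jmx" in text)


# Constructed demo server: one console path open, one behind Basic auth.
_CONSOLE_HTML = b"<html><title>JMX Console</title><body>MBean list</body></html>"


class _DemoConsole(BaseHTTPRequestHandler):
    def log_message(self, *_):  # keep the demo quiet
        pass

    def do_GET(self):
        if self.path.startswith("/open-console/"):
            self._reply(200, _CONSOLE_HTML)  # the vulnerable shape: no auth check
        elif self.path.startswith("/secured-console/"):
            if self.headers.get("Authorization"):  # demo only: any credentials accepted
                self._reply(200, _CONSOLE_HTML)
            else:
                self._reply(401, b"Unauthorized", ("WWW-Authenticate", 'Basic realm="jmx"'))
        else:
            self._reply(404, b"Not found")

    def _reply(self, status, body, *extra_headers):
        self.send_response(status)
        self.send_header("Content-Type", "text/html")
        for name, value in extra_headers:
            self.send_header(name, value)
        self.end_headers()
        self.wfile.write(body)


def start_demo_server() -> Tuple[HTTPServer, int]:
    """Start the demo console on a free loopback port; the caller calls shutdown()."""
    server = HTTPServer(("127.0.0.1", 0), _DemoConsole)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


if __name__ == "__main__":
    srv, port = start_demo_server()
    for path in ("/open-console/", "/secured-console/"):
        result = probe(f"http://127.0.0.1:{port}{path}")
        print(f"{path}: {result.verdict} (HTTP {result.status}, jmx page: {result.looks_like_jmx})")
    srv.shutdown()
```

Run it against a real host by replacing the demo URL with the console URL of your instance; an `accessible` verdict with no credentials, on a page that mentions MBeans, is the condition the advisory describes. A `404` or a redirect to a login page is not proof of a fix either, so re-check after upgrading to 5.20 rather than assuming.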
CISA ICS Advisory: Rockwell Automation Pavilion8
Source: cisa_ics · 2023-09-14 · CVSS 8.8 [HIGH]
## Rockwell Automation Pavilion8
Release Date: September 14, 2023
Alert Code: ICSA-23-257-07
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Rockwell Automation
- Equipment: Pavilion8
- Vulnerability: Improper Authentication
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to retrieve other users' session data.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Rockwell Automation Pavilion8, a model predictive control software, are affected:
- Pavilion8: versions v5.17.00 and v5.17.01
## 3.2 Vulnerability Overview
3.2.1 IMPROPER AUTHENTICATION CWE-287
The JMX Console within the Pavilion is exposed to appli
GHSA
GHSA-fpfr-6qqp-32gm (ghsa_unreviewed · 2023-09-12) · CVE-2023-29463 · [MEDIUM] · CWE-287
The JMX Console within Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. If exploited, a malicious user could potentially retrieve other application users' session data and/or log users out of their sessions.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2023-09-12