Lucene search
China National Vulnerability DatabaseCNVD-2023-79689HistorySep 21, 2023 - 12:00 a.m.
Rockwell Automation Pavilion8 License Issue Vulnerability
2023-09-2100:00:00
China National Vulnerability Database
www.cnvd.org.cn
2
rockwell automation
pavilion8
authorization
vulnerability
jmx console
authentication
attacker
session count
log out
Rockwell Automation Pavilion8 is a model prediction console from Rockwell Automation. Rockwell Automation Pavilion8 suffers from an authorization issue vulnerability that stems from the fact that the JMX Console is publicly available to users and does not require authentication. An attacker could use this vulnerability to retrieve the session count of another user or log the user out of their session.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rockwell automation pavilion8 | lt | 5.20 |
Related
cve
cve
CVE-2023-29463
2023-09-12 17:15:09
ics
ics
Rockwell Automation Pavilion8
2023-09-14 12:00:00
prion
prion
Authentication flaw
2023-09-12 17:15:00
cvelist
cvelist
CVE-2023-29463 Pavilion8 Security Misconfiguration Vulnerability
2023-09-12 16:42:14
nvd
nvd
CVE-2023-29463
2023-09-12 17:15:09