Lucene search
RockwellCVELIST:CVE-2024-7960HistorySep 12, 2024 - 8:15 p.m.
CVE-2024-7960 Rockwell Automation Incorrect Privileges and Path Traversal Vulnerability in Pavilion8®
2024-09-1220:15:09
CWE-269
Rockwell
www.cve.org
5
cve-2024-7960
rockwell automation
incorrect privileges
path traversal
pavilion8®
CVSS4
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:L/SI:N/VA:L/SA:N
EPSS
0.001
Percentile
32.2%
The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. The vulnerability exists due to having an incorrect privilege matrix that allows users to have access to functions they should not.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Pavilion8®",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "<V5.20"
}
]
}
]Related
cve
cve
CVE-2024-7960
2024-09-12 21:15:03
nvd
nvd
CVE-2024-7960
2024-09-12 21:15:03
vulnrichment
vulnrichment
ics
ics
Rockwell Automation Pavilion8
2024-09-12 12:00:00
CVSS4
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:L/SI:N/VA:L/SA:N
EPSS
0.001
Percentile
32.2%
Related for CVELIST:CVE-2024-7960