6 matches found
The vulnerability of the Rockwell Automation Pavilion8 platform for simulation, control, and optimization, related to insecure privilege management, allows a intruder to gain unauthorized access to arbitrary functions.
The vulnerability of the Rockwell Automation Pavilion8 platform for simulation, control, and optimization is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to gain unauthorized access to arbitrary functions...
Rockwell Automation Pavilion8
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : Pavilion8 Vulnerabilities : Improper Privilege Management, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...
CVE-2024-40620 Rockwell Automation Pavilion8® Unencrypted Data Vulnerability via HTTP protocol
CVE-2024-40620 IMPACT A vulnerability exists in the affected product due to lack of encryption of sensitive information. The vulnerability results in data being sent between the Console and the Dashboard without encryption, which can be seen in the logs of proxy servers, potentially impacting the...
CVE-2024-40620 Rockwell Automation Pavilion8® Unencrypted Data Vulnerability via HTTP protocol
CVE-2024-40620 IMPACT A vulnerability exists in the affected product due to lack of encryption of sensitive information. The vulnerability results in data being sent between the Console and the Dashboard without encryption, which can be seen in the logs of proxy servers, potentially impacting the...
Rockwell Automation Pavilion8 安全漏洞
Rockwell Automation Pavilion8 is a model prediction console from Rockwell Automation. An elevation of privilege vulnerability exists in Rockwell Automation Pavilion 8, which can be exploited by an attacker to read sensitive data and create users...
CVE-2023-29463
The CVE-2023-29463 issue affects Rockwell Automation Pavilion8: the JMX Console is publicly accessible and requires no authentication, enabling a malicious user to retrieve other users’ session data or log them out. Affected product: Pavilion8 (model predictive control software); affected version...