38 matches found
CVE-2025-14377
A security issue was discovered within the legacy Ansible playbook component of Verve Asset Manager, caused by plaintext secrets incorrectly stored when a playbook is running. This component has been retired and has been optional since the 1.36 release in 2024...
CVE-2025-14376
A security issue was discovered within the legacy ADI server component of Verve Asset Manager, caused by plaintext secrets stored in environment variables on the ADI server. This component has been retired and has been optional since the 1.36 release in 2024...
CVE-2025-14376
A security issue was discovered within the legacy ADI server component of Verve Asset Manager, caused by plaintext secrets stored in environment variables on the ADI server. This component has been retired and has been optional since the 1.36 release in 2024...
CVE-2025-14377
A security issue was discovered within the legacy Ansible playbook component of Verve Asset Manager, caused by plaintext secrets incorrectly stored when a playbook is running. This component has been retired and has been optional since the 1.36 release in 2024...
CVE-2025-14377 Verve Asset Manager – Plaintext Storage Vulnerabilities
A security issue was discovered within the legacy Ansible playbook component of Verve Asset Manager, caused by plaintext secrets incorrectly stored when a playbook is running. This component has been retired and has been optional since the 1.36 release in 2024...
CVE-2025-14377
A security issue was discovered within the legacy Ansible playbook component of Verve Asset Manager, caused by plaintext secrets incorrectly stored when a playbook is running. This component has been retired and has been optional since the 1.36 release in 2024...
CVE-2025-14377
CVE-2025-14377 concerns the legacy Ansible playbook component of Verve Asset Manager. The issue arises from plaintext secrets being stored during playbook execution. This component has been retired and has been optional since the 1.36 release in 2024. The CVSS v4.0 score is 8.8 (HIGH), with netwo...
CVE-2025-14377 Verve Asset Manager – Plaintext Storage Vulnerabilities
A security issue was discovered within the legacy Ansible playbook component of Verve Asset Manager, caused by plaintext secrets incorrectly stored when a playbook is running. This component has been retired and has been optional since the 1.36 release in 2024...
CVE-2025-14376 Verve Asset Manager – Plaintext Storage Vulnerabilities
A security issue was discovered within the legacy ADI server component of Verve Asset Manager, caused by plaintext secrets stored in environment variables on the ADI server. This component has been retired and has been optional since the 1.36 release in 2024...
CVE-2025-14376
The CVE-2025-14376 entry concerns the Verve Asset Manager’s legacy ADI server component, where plaintext secrets were stored in environment variables. The issue affects the ADI server, which has been retired and was optional starting with release 1.36 in 2024. The available sources state the root...
CVE-2025-14376
A security issue was discovered within the legacy ADI server component of Verve Asset Manager, caused by plaintext secrets stored in environment variables on the ADI server. This component has been retired and has been optional since the 1.36 release in 2024...
CVE-2025-14376 Verve Asset Manager – Plaintext Storage Vulnerabilities
A security issue was discovered within the legacy ADI server component of Verve Asset Manager, caused by plaintext secrets stored in environment variables on the ADI server. This component has been retired and has been optional since the 1.36 release in 2024...
Rockwell Automation Verve Asset Manager
RISK EVALUATION Successful exploitation of these vulnerabilities may allow an attacker to access sensitive information stored in variables within the ADI server. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities,...
Rockwell Automation Verve Asset Manager security vulnerability
Rockwell Automation Verve Asset Manager is a supplier-neutral OT endpoint management platform provided by Rockwell Automation. There is a security vulnerability in Rockwell Automation Verve Asset Manager, which stems from ADI server components storing plaintext keys in environmental variables...
PT-2026-3556
A security issue was discovered within the legacy ADI server component of Verve Asset Manager, caused by plaintext secrets stored in environment variables on the ADI server. This component has been retired and has been optional since the 1.36 release in 2024...
Rockwell Automation Verve Asset Manager security vulnerability
Rockwell Automation Verve Asset Manager is a supplier-neutral OT endpoint management platform provided by Rockwell Automation. There is a security vulnerability in Rockwell Automation Verve Asset Manager, which stems from the Ansible playbook component storing plaintext keys incorrectly during...
PT-2026-3557
A security issue was discovered within the legacy Ansible playbook component of Verve Asset Manager, caused by plaintext secrets incorrectly stored when a playbook is running. This component has been retired and has been optional since the 1.36 release in 2024...
CISA Releases 18 Industrial Control Systems Advisories
CISA released 18 Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-317-01 Mitsubishi Electric MELSEC iQ-F Series ICSA-25-317-02 AVEVA Application Server IDE ICSA-25-317-03...
Rockwell Automation Verve Asset Manager
RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker accessing or altering user data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...
CVE-2025-11862
A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users to read, update, and delete users via the API...