Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for thinmanager_thinserver by rockwellautomation

    CVE-2024-7988 (GCVE-0-2024-7988)

    Vulnerability from nvd – Published: 2024-08-26 14:47 – Updated: 2024-08-26 17:46
    VLAI
    Title
    ThinManager® ThinServer™ Information Disclosure and Remote Code Execution Vulnerabilities
    Summary
    A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Rockwell Automation ThinManager® ThinServer™ Affected: 11.1.0-11.1.7 11.2.0-11.2.8 12.0.0-12.0.6 12.1.0-12.1.7 13.0.0-13.0.4 13.1.0-13.1.2 13.2.0-13.2.1
    Create a notification for this product.
    rockwellautomation thinmanager_thinserver Affected: 11.0 , ≤ 11.1.7 (custom)
    Affected: 11.2.0 , ≤ 11.2.8 (custom)
    Affected: 12.0.0 , ≤ 12.0.6 (custom)
    Affected: 12.1.0 , ≤ 12.1.7 (custom)
    Affected: 13.0.0 , ≤ 13.0.4 (custom)
    Affected: 13.1.0 , ≤ 13.1.2 (custom)
    Affected: 13.2.0 , ≤ 13.2.1 (custom)
        cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-26 13:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "thinmanager_thinserver",
                "vendor": "rockwellautomation",
                "versions": [
                  {
                    "lessThanOrEqual": "11.1.7",
                    "status": "affected",
                    "version": "11.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "11.2.8",
                    "status": "affected",
                    "version": "11.2.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "12.0.6",
                    "status": "affected",
                    "version": "12.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "12.1.7",
                    "status": "affected",
                    "version": "12.1.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "13.0.4",
                    "status": "affected",
                    "version": "13.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "13.1.2",
                    "status": "affected",
                    "version": "13.1.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "13.2.1",
                    "status": "affected",
                    "version": "13.2.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7988",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-26T17:39:20.975738Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-26T17:46:47.107Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ThinManager\u00ae ThinServer\u2122",
              "vendor": "Rockwell Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.1.0-11.1.7 11.2.0-11.2.8 12.0.0-12.0.6 12.1.0-12.1.7 13.0.0-13.0.4 13.1.0-13.1.2 13.2.0-13.2.1"
                }
              ]
            }
          ],
          "datePublic": "2024-08-26T13:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA remote code execution vulnerability exists in the Rockwell Automation ThinManager\u00ae ThinServer\u2122 that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten.\u003c/span\u003e"
                }
              ],
              "value": "A remote code execution vulnerability exists in the Rockwell Automation ThinManager\u00ae ThinServer\u2122 that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-153",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-153 Input Data Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-26T14:47:07.612Z",
            "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
            "shortName": "Rockwell"
          },
          "references": [
            {
              "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1692.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eAffected Product\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eFirst Known in software version\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eCorrected in software version\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eThinManager\u00ae ThinServer\u2122\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e11.1.0-11.1.7\u003cbr\u003e11.2.0-11.2.8\u003cbr\u003e12.0.0-12.0.6\u003cbr\u003e12.1.0-12.1.7\u003cbr\u003e13.0.0-13.0.4\u003cbr\u003e13.1.0-13.1.2\u003cbr\u003e13.2.0-13.2.1\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e11.1.8\u003c/p\u003e\u003cp\u003e11.2.9\u003c/p\u003e\u003cp\u003e12.0.7\u003c/p\u003e\u003cp\u003e12.1.8\u003c/p\u003e\u003cp\u003e13.0.5\u003c/p\u003e\u003cp\u003e13.1.3\u003c/p\u003e\u003cp\u003e13.2.2\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\n\n\u003cp\u003e\u003cb\u003eMitigations and Workarounds\u003c/b\u003e\u003c/p\u003e\u003cp\u003eCustomers using the affected software are encouraged to implement our suggested security best practices to minimize the risk of vulnerability.\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "Affected Product\n\nFirst Known in software version\n\nCorrected in software version\n\nThinManager\u00ae ThinServer\u2122\n\n11.1.0-11.1.7\n11.2.0-11.2.8\n12.0.0-12.0.6\n12.1.0-12.1.7\n13.0.0-13.0.4\n13.1.0-13.1.2\n13.2.0-13.2.1\n\n11.1.8\n\n11.2.9\n\n12.0.7\n\n12.1.8\n\n13.0.5\n\n13.1.3\n\n13.2.2\n\n\n\n\nMitigations and Workarounds\n\nCustomers using the affected software are encouraged to implement our suggested security best practices to minimize the risk of vulnerability.\n\n\u00b7 \u00a0 \u00a0 \u00a0  Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "ThinManager\u00ae ThinServer\u2122 Information Disclosure and Remote Code Execution Vulnerabilities",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "assignerShortName": "Rockwell",
        "cveId": "CVE-2024-7988",
        "datePublished": "2024-08-26T14:47:07.612Z",
        "dateReserved": "2024-08-19T20:06:27.545Z",
        "dateUpdated": "2024-08-26T17:46:47.107Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7987 (GCVE-0-2024-7987)

    Vulnerability from nvd – Published: 2024-08-26 14:40 – Updated: 2024-08-26 17:29
    VLAI
    Title
    Rockwell Automation ThinManager® ThinServer™ Information Disclosure and Remote Code Execution Vulnerabilities
    Summary
    A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. To exploit this vulnerability and a threat actor must abuse the ThinServer™ service by creating a junction and use it to upload arbitrary files.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • ThinManager® ThinServer™ Remote Code Execution
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    Rockwell Automation ThinManager® ThinServer™ Affected: 11.1.0-11.1.7 11.2.0-11.2.8 12.0.0-12.0.6 12.1.0-12.1.7 13.0.0-13.0.4 13.1.0-13.1.2 13.2.0-13.2.1
    Create a notification for this product.
    rockwellautomation thinmanager_thinserver Affected: 11.1.0 , ≤ 11.1.7 (custom)
    Affected: 11.2.0 , ≤ 11.2.8 (custom)
    Affected: 12.0.0 , ≤ 12.0.6 (custom)
    Affected: 12.1.0 , ≤ 12.1.7 (custom)
    Affected: 13.0.0 , ≤ 13.0.4 (custom)
    Affected: 13.1.0 , ≤ 13.1.2 (custom)
    Affected: 13.2.0 , ≤ 13.2.1 (custom)
        cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-26 13:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "thinmanager_thinserver",
                "vendor": "rockwellautomation",
                "versions": [
                  {
                    "lessThanOrEqual": "11.1.7",
                    "status": "affected",
                    "version": "11.1.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "11.2.8",
                    "status": "affected",
                    "version": "11.2.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "12.0.6",
                    "status": "affected",
                    "version": "12.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "12.1.7",
                    "status": "affected",
                    "version": "12.1.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "13.0.4",
                    "status": "affected",
                    "version": "13.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "13.1.2",
                    "status": "affected",
                    "version": "13.1.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "13.2.1",
                    "status": "affected",
                    "version": "13.2.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7987",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-26T17:20:29.756565Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-434",
                    "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-26T17:29:09.449Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ThinManager\u00ae ThinServer\u2122",
              "vendor": "Rockwell Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.1.0-11.1.7 11.2.0-11.2.8 12.0.0-12.0.6 12.1.0-12.1.7 13.0.0-13.0.4 13.1.0-13.1.2 13.2.0-13.2.1"
                }
              ]
            }
          ],
          "datePublic": "2024-08-26T13:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA remote code execution vulnerability exists in the Rockwell Automation\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThinManager\u00ae ThinServer\u2122\u003c/span\u003e\nthat allows a threat actor to execute arbitrary code with System privileges. To exploit this vulnerability and a threat actor must abuse the ThinServer\u2122 service by creating a junction and use it to upload arbitrary files.\u0026nbsp;\u003c/span\u003e"
                }
              ],
              "value": "A remote code execution vulnerability exists in the Rockwell Automation\u00a0ThinManager\u00ae ThinServer\u2122\nthat allows a threat actor to execute arbitrary code with System privileges. To exploit this vulnerability and a threat actor must abuse the ThinServer\u2122 service by creating a junction and use it to upload arbitrary files."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-576",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-576 Group Permission Footprinting"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "ThinManager\u00ae ThinServer\u2122 Remote Code Execution",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-26T14:40:29.255Z",
            "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
            "shortName": "Rockwell"
          },
          "references": [
            {
              "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1692.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003effected Product\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eFirst Known in software version\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eCorrected in software version\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eThinManager\u00ae ThinServer\u2122\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e11.1.0-11.1.7\u003cbr\u003e11.2.0-11.2.8\u003cbr\u003e12.0.0-12.0.6\u003cbr\u003e12.1.0-12.1.7\u003cbr\u003e13.0.0-13.0.4\u003cbr\u003e13.1.0-13.1.2\u003cbr\u003e13.2.0-13.2.1\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e11.1.8\u003c/p\u003e\u003cp\u003e11.2.9\u003c/p\u003e\u003cp\u003e12.0.7\u003c/p\u003e\u003cp\u003e12.1.8\u003c/p\u003e\u003cp\u003e13.0.5\u003c/p\u003e\u003cp\u003e13.1.3\u003c/p\u003e\u003cp\u003e13.2.2\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\n\n\u003cp\u003e\u003cb\u003eMitigations and Workarounds\u003c/b\u003e\u003c/p\u003e\u003cp\u003eCustomers using the affected software are encouraged to implement our suggested security best practices to minimize the risk of vulnerability.\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "ffected Product\n\nFirst Known in software version\n\nCorrected in software version\n\nThinManager\u00ae ThinServer\u2122\n\n11.1.0-11.1.7\n11.2.0-11.2.8\n12.0.0-12.0.6\n12.1.0-12.1.7\n13.0.0-13.0.4\n13.1.0-13.1.2\n13.2.0-13.2.1\n\n11.1.8\n\n11.2.9\n\n12.0.7\n\n12.1.8\n\n13.0.5\n\n13.1.3\n\n13.2.2\n\n\n\n\nMitigations and Workarounds\n\nCustomers using the affected software are encouraged to implement our suggested security best practices to minimize the risk of vulnerability.\n\n\u00b7 \u00a0 \u00a0 \u00a0  Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
            }
          ],
          "source": {
            "advisory": "SD1692",
            "discovery": "EXTERNAL"
          },
          "title": "Rockwell Automation ThinManager\u00ae ThinServer\u2122 Information Disclosure and Remote Code Execution Vulnerabilities",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "assignerShortName": "Rockwell",
        "cveId": "CVE-2024-7987",
        "datePublished": "2024-08-26T14:40:29.255Z",
        "dateReserved": "2024-08-19T20:06:26.723Z",
        "dateUpdated": "2024-08-26T17:29:09.449Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2917 (GCVE-0-2023-2917)

    Vulnerability from nvd – Published: 2023-08-17 15:10 – Updated: 2024-10-08 16:56
    VLAI
    Title
    Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability
    Summary
    The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability.  Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed.  A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Rockwell Automation ThinManager ThinServer Affected: 11.0.0 - 11.2.6
    Affected: 11.1.0 - 11.1.6
    Affected: 11.2.0 - 11.2.7
    Affected: 12.0.0 - 12.0.5
    Affected: 12.1.0 - 12.1.6
    Affected: 13.0.0 - 13.0.2
    Affected: 13.1.0
    Create a notification for this product.
    rockwellautomation thinmanager_thinserver Affected: 11.0.0 - 11.2.6
    Affected: 11.1.0 - 11.1.6
    Affected: 11.2.0 - 11.2.7
    Affected: 12.0.0 - 12.0.5
    Affected: 12.1.0 - 12.1.6
    Affected: 13.0.0 - 13.0.2
    Affected: 13.1.0
        cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-17 14:00
    Credits
    This vulnerability was reported to Rockwell Automation by Tenable Network Security.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:41:04.162Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "thinmanager_thinserver",
                "vendor": "rockwellautomation",
                "versions": [
                  {
                    "status": "affected",
                    "version": "11.0.0 - 11.2.6"
                  },
                  {
                    "status": "affected",
                    "version": "11.1.0 - 11.1.6"
                  },
                  {
                    "status": "affected",
                    "version": "11.2.0 - 11.2.7"
                  },
                  {
                    "status": "affected",
                    "version": "12.0.0 - 12.0.5"
                  },
                  {
                    "status": "affected",
                    "version": "12.1.0 - 12.1.6"
                  },
                  {
                    "status": "affected",
                    "version": "13.0.0 - 13.0.2"
                  },
                  {
                    "status": "affected",
                    "version": "13.1.0"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2917",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-08T16:49:50.493475Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-08T16:56:43.912Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ThinManager ThinServer",
              "vendor": "Rockwell Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0 - 11.2.6"
                },
                {
                  "status": "affected",
                  "version": "11.1.0 - 11.1.6"
                },
                {
                  "status": "affected",
                  "version": "11.2.0 - 11.2.7"
                },
                {
                  "status": "affected",
                  "version": "12.0.0 - 12.0.5"
                },
                {
                  "status": "affected",
                  "version": "12.1.0 - 12.1.6"
                },
                {
                  "status": "affected",
                  "version": "13.0.0 - 13.0.2"
                },
                {
                  "status": "affected",
                  "version": "13.1.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "This vulnerability was reported to Rockwell Automation by Tenable Network Security."
            }
          ],
          "datePublic": "2023-08-17T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability.\u0026nbsp;\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. \u0026nbsp;A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities.\u003c/span\u003e\n\n  "
                }
              ],
              "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability.\u00a0\u00a0Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. \u00a0A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities.\n\n  "
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-126 Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-17T15:10:08.696Z",
            "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
            "shortName": "Rockwell"
          },
          "references": [
            {
              "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cul\u003e\u003cli\u003eUpdate to the corrected software versions.\u003c/li\u003e\u003cli\u003eLimit remote access for TCP Port 2031 to known thin clients and ThinManager servers.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "\n  *  Update to the corrected software versions.\n  *  Limit remote access for TCP Port 2031 to known thin clients and ThinManager servers.\n\n\n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "assignerShortName": "Rockwell",
        "cveId": "CVE-2023-2917",
        "datePublished": "2023-08-17T15:10:08.696Z",
        "dateReserved": "2023-05-26T13:57:12.308Z",
        "dateUpdated": "2024-10-08T16:56:43.912Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2915 (GCVE-0-2023-2915)

    Vulnerability from nvd – Published: 2023-08-17 15:05 – Updated: 2024-10-08 17:01
    VLAI
    Title
    Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability
    Summary
    The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can delete arbitrary files with system privileges. A malicious user could exploit this vulnerability by sending a specifically crafted synchronization protocol message resulting in a denial-of-service condition.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Rockwell Automation ThinManager ThinServer Affected: 11.0.0 - 11.2.6
    Affected: 11.1.0 - 11.1.6
    Affected: 11.2.0 - 11.2.7
    Affected: 12.0.0 - 12.0.5
    Affected: 12.1.0 - 12.1.6
    Affected: 13.0.0 - 13.0.2
    Affected: 13.1.0
    Create a notification for this product.
    rockwellautomation thinmanager_thinserver Affected: 11.0.0 - 11.2.6
    Affected: 11.1.0 - 11.1.6
    Affected: 11.2.0 - 11.2.7
    Affected: 12.0.0 - 12.0.5
    Affected: 12.1.0 - 12.1.6
    Affected: 13.0.0 - 13.0.2
    Affected: 13.1.0
        cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-17 14:00
    Credits
    This vulnerability was reported to Rockwell Automation by Tenable Network Security.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:41:03.650Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "thinmanager_thinserver",
                "vendor": "rockwellautomation",
                "versions": [
                  {
                    "status": "affected",
                    "version": "11.0.0 - 11.2.6"
                  },
                  {
                    "status": "affected",
                    "version": "11.1.0 - 11.1.6"
                  },
                  {
                    "status": "affected",
                    "version": "11.2.0 - 11.2.7"
                  },
                  {
                    "status": "affected",
                    "version": "12.0.0 - 12.0.5"
                  },
                  {
                    "status": "affected",
                    "version": "12.1.0 - 12.1.6"
                  },
                  {
                    "status": "affected",
                    "version": "13.0.0 - 13.0.2"
                  },
                  {
                    "status": "affected",
                    "version": "13.1.0"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2915",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-08T16:58:47.679391Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-08T17:01:54.549Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ThinManager ThinServer",
              "vendor": "Rockwell Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0 - 11.2.6"
                },
                {
                  "status": "affected",
                  "version": "11.1.0 - 11.1.6"
                },
                {
                  "status": "affected",
                  "version": "11.2.0 - 11.2.7"
                },
                {
                  "status": "affected",
                  "version": "12.0.0 - 12.0.5"
                },
                {
                  "status": "affected",
                  "version": "12.1.0 - 12.1.6"
                },
                {
                  "status": "affected",
                  "version": "13.0.0 - 13.0.2"
                },
                {
                  "status": "affected",
                  "version": "13.1.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "This vulnerability was reported to Rockwell Automation by Tenable Network Security."
            }
          ],
          "datePublic": "2023-08-17T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can delete arbitrary files with system privileges.   A malicious user could exploit this vulnerability by sending a specifically crafted synchronization protocol message resulting in a denial-of-service condition.  "
                }
              ],
              "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can delete arbitrary files with system privileges.   A malicious user could exploit this vulnerability by sending a specifically crafted synchronization protocol message resulting in a denial-of-service condition.  "
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-126 Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-17T15:05:52.368Z",
            "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
            "shortName": "Rockwell"
          },
          "references": [
            {
              "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cul\u003e\u003cli\u003eUpdate to the corrected software versions.\u003c/li\u003e\u003cli\u003eLimit remote access for TCP Port 2031 to known thin clients and ThinManager servers.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "\n  *  Update to the corrected software versions.\n  *  Limit remote access for TCP Port 2031 to known thin clients and ThinManager servers.\n\n\n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "assignerShortName": "Rockwell",
        "cveId": "CVE-2023-2915",
        "datePublished": "2023-08-17T15:05:52.368Z",
        "dateReserved": "2023-05-26T13:45:57.862Z",
        "dateUpdated": "2024-10-08T17:01:54.549Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2914 (GCVE-0-2023-2914)

    Vulnerability from nvd – Published: 2023-08-17 15:01 – Updated: 2024-10-08 17:08
    VLAI
    Title
    Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerabilitiy
    Summary
    The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, an integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and causing a denial of service condition in the software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Rockwell Automation ThinManager ThinServer Affected: 11.0.0 - 11.2.6
    Affected: 11.1.0 - 11.1.6
    Affected: 11.2.0 - 11.2.7
    Affected: 12.0.0 - 12.0.5
    Affected: 12.1.0 - 12.1.6
    Affected: 13.0.0 - 13.0.2
    Affected: 13.1.0
    Create a notification for this product.
    rockwellautomation thinmanager_thinserver Affected: 11.0.0 - 11.2.6
    Affected: 11.1.0 - 11.1.6
    Affected: 11.2.0 - 11.2.7
    Affected: 12.0.0 - 12.0.5
    Affected: 12.1.0 - 12.1.6
    Affected: 13.0.0 - 13.0.2
    Affected: 13.1.0
        cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-17 14:00
    Credits
    This vulnerability was reported to Rockwell Automation by Tenable Network Security.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:41:03.723Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "thinmanager_thinserver",
                "vendor": "rockwellautomation",
                "versions": [
                  {
                    "status": "affected",
                    "version": "11.0.0 - 11.2.6"
                  },
                  {
                    "status": "affected",
                    "version": "11.1.0 - 11.1.6"
                  },
                  {
                    "status": "affected",
                    "version": "11.2.0 - 11.2.7"
                  },
                  {
                    "status": "affected",
                    "version": "12.0.0 - 12.0.5"
                  },
                  {
                    "status": "affected",
                    "version": "12.1.0 - 12.1.6"
                  },
                  {
                    "status": "affected",
                    "version": "13.0.0 - 13.0.2"
                  },
                  {
                    "status": "affected",
                    "version": "13.1.0"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2914",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-08T17:05:51.847648Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-08T17:08:30.894Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ThinManager ThinServer",
              "vendor": "Rockwell Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0 - 11.2.6"
                },
                {
                  "status": "affected",
                  "version": "11.1.0 - 11.1.6"
                },
                {
                  "status": "affected",
                  "version": "11.2.0 - 11.2.7"
                },
                {
                  "status": "affected",
                  "version": "12.0.0 - 12.0.5"
                },
                {
                  "status": "affected",
                  "version": "12.1.0 - 12.1.6"
                },
                {
                  "status": "affected",
                  "version": "13.0.0 - 13.0.2"
                },
                {
                  "status": "affected",
                  "version": "13.1.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "This vulnerability was reported to Rockwell Automation by Tenable Network Security."
            }
          ],
          "datePublic": "2023-08-17T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, an integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and causing a denial of service condition in the software.  "
                }
              ],
              "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, an integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and causing a denial of service condition in the software.  "
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-126 Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-17T15:03:27.110Z",
            "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
            "shortName": "Rockwell"
          },
          "references": [
            {
              "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cul\u003e\u003cli\u003eUpdate to the corrected software versions.\u003c/li\u003e\u003cli\u003eLimit remote access for TCP Port 2031 to known thin clients and ThinManager servers.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "\n  *  Update to the corrected software versions.\n  *  Limit remote access for TCP Port 2031 to known thin clients and ThinManager servers.\n\n\n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerabilitiy",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "assignerShortName": "Rockwell",
        "cveId": "CVE-2023-2914",
        "datePublished": "2023-08-17T15:01:25.994Z",
        "dateReserved": "2023-05-26T13:23:41.377Z",
        "dateUpdated": "2024-10-08T17:08:30.894Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7988 (GCVE-0-2024-7988)

    Vulnerability from cvelistv5 – Published: 2024-08-26 14:47 – Updated: 2024-08-26 17:46
    VLAI
    Title
    ThinManager® ThinServer™ Information Disclosure and Remote Code Execution Vulnerabilities
    Summary
    A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Rockwell Automation ThinManager® ThinServer™ Affected: 11.1.0-11.1.7 11.2.0-11.2.8 12.0.0-12.0.6 12.1.0-12.1.7 13.0.0-13.0.4 13.1.0-13.1.2 13.2.0-13.2.1
    Create a notification for this product.
    rockwellautomation thinmanager_thinserver Affected: 11.0 , ≤ 11.1.7 (custom)
    Affected: 11.2.0 , ≤ 11.2.8 (custom)
    Affected: 12.0.0 , ≤ 12.0.6 (custom)
    Affected: 12.1.0 , ≤ 12.1.7 (custom)
    Affected: 13.0.0 , ≤ 13.0.4 (custom)
    Affected: 13.1.0 , ≤ 13.1.2 (custom)
    Affected: 13.2.0 , ≤ 13.2.1 (custom)
        cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-26 13:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "thinmanager_thinserver",
                "vendor": "rockwellautomation",
                "versions": [
                  {
                    "lessThanOrEqual": "11.1.7",
                    "status": "affected",
                    "version": "11.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "11.2.8",
                    "status": "affected",
                    "version": "11.2.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "12.0.6",
                    "status": "affected",
                    "version": "12.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "12.1.7",
                    "status": "affected",
                    "version": "12.1.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "13.0.4",
                    "status": "affected",
                    "version": "13.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "13.1.2",
                    "status": "affected",
                    "version": "13.1.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "13.2.1",
                    "status": "affected",
                    "version": "13.2.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7988",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-26T17:39:20.975738Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-26T17:46:47.107Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ThinManager\u00ae ThinServer\u2122",
              "vendor": "Rockwell Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.1.0-11.1.7 11.2.0-11.2.8 12.0.0-12.0.6 12.1.0-12.1.7 13.0.0-13.0.4 13.1.0-13.1.2 13.2.0-13.2.1"
                }
              ]
            }
          ],
          "datePublic": "2024-08-26T13:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA remote code execution vulnerability exists in the Rockwell Automation ThinManager\u00ae ThinServer\u2122 that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten.\u003c/span\u003e"
                }
              ],
              "value": "A remote code execution vulnerability exists in the Rockwell Automation ThinManager\u00ae ThinServer\u2122 that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-153",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-153 Input Data Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-26T14:47:07.612Z",
            "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
            "shortName": "Rockwell"
          },
          "references": [
            {
              "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1692.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eAffected Product\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eFirst Known in software version\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eCorrected in software version\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eThinManager\u00ae ThinServer\u2122\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e11.1.0-11.1.7\u003cbr\u003e11.2.0-11.2.8\u003cbr\u003e12.0.0-12.0.6\u003cbr\u003e12.1.0-12.1.7\u003cbr\u003e13.0.0-13.0.4\u003cbr\u003e13.1.0-13.1.2\u003cbr\u003e13.2.0-13.2.1\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e11.1.8\u003c/p\u003e\u003cp\u003e11.2.9\u003c/p\u003e\u003cp\u003e12.0.7\u003c/p\u003e\u003cp\u003e12.1.8\u003c/p\u003e\u003cp\u003e13.0.5\u003c/p\u003e\u003cp\u003e13.1.3\u003c/p\u003e\u003cp\u003e13.2.2\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\n\n\u003cp\u003e\u003cb\u003eMitigations and Workarounds\u003c/b\u003e\u003c/p\u003e\u003cp\u003eCustomers using the affected software are encouraged to implement our suggested security best practices to minimize the risk of vulnerability.\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "Affected Product\n\nFirst Known in software version\n\nCorrected in software version\n\nThinManager\u00ae ThinServer\u2122\n\n11.1.0-11.1.7\n11.2.0-11.2.8\n12.0.0-12.0.6\n12.1.0-12.1.7\n13.0.0-13.0.4\n13.1.0-13.1.2\n13.2.0-13.2.1\n\n11.1.8\n\n11.2.9\n\n12.0.7\n\n12.1.8\n\n13.0.5\n\n13.1.3\n\n13.2.2\n\n\n\n\nMitigations and Workarounds\n\nCustomers using the affected software are encouraged to implement our suggested security best practices to minimize the risk of vulnerability.\n\n\u00b7 \u00a0 \u00a0 \u00a0  Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "ThinManager\u00ae ThinServer\u2122 Information Disclosure and Remote Code Execution Vulnerabilities",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "assignerShortName": "Rockwell",
        "cveId": "CVE-2024-7988",
        "datePublished": "2024-08-26T14:47:07.612Z",
        "dateReserved": "2024-08-19T20:06:27.545Z",
        "dateUpdated": "2024-08-26T17:46:47.107Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7987 (GCVE-0-2024-7987)

    Vulnerability from cvelistv5 – Published: 2024-08-26 14:40 – Updated: 2024-08-26 17:29
    VLAI
    Title
    Rockwell Automation ThinManager® ThinServer™ Information Disclosure and Remote Code Execution Vulnerabilities
    Summary
    A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. To exploit this vulnerability and a threat actor must abuse the ThinServer™ service by creating a junction and use it to upload arbitrary files.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • ThinManager® ThinServer™ Remote Code Execution
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    Rockwell Automation ThinManager® ThinServer™ Affected: 11.1.0-11.1.7 11.2.0-11.2.8 12.0.0-12.0.6 12.1.0-12.1.7 13.0.0-13.0.4 13.1.0-13.1.2 13.2.0-13.2.1
    Create a notification for this product.
    rockwellautomation thinmanager_thinserver Affected: 11.1.0 , ≤ 11.1.7 (custom)
    Affected: 11.2.0 , ≤ 11.2.8 (custom)
    Affected: 12.0.0 , ≤ 12.0.6 (custom)
    Affected: 12.1.0 , ≤ 12.1.7 (custom)
    Affected: 13.0.0 , ≤ 13.0.4 (custom)
    Affected: 13.1.0 , ≤ 13.1.2 (custom)
    Affected: 13.2.0 , ≤ 13.2.1 (custom)
        cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-26 13:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "thinmanager_thinserver",
                "vendor": "rockwellautomation",
                "versions": [
                  {
                    "lessThanOrEqual": "11.1.7",
                    "status": "affected",
                    "version": "11.1.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "11.2.8",
                    "status": "affected",
                    "version": "11.2.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "12.0.6",
                    "status": "affected",
                    "version": "12.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "12.1.7",
                    "status": "affected",
                    "version": "12.1.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "13.0.4",
                    "status": "affected",
                    "version": "13.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "13.1.2",
                    "status": "affected",
                    "version": "13.1.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "13.2.1",
                    "status": "affected",
                    "version": "13.2.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7987",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-26T17:20:29.756565Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-434",
                    "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-26T17:29:09.449Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ThinManager\u00ae ThinServer\u2122",
              "vendor": "Rockwell Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.1.0-11.1.7 11.2.0-11.2.8 12.0.0-12.0.6 12.1.0-12.1.7 13.0.0-13.0.4 13.1.0-13.1.2 13.2.0-13.2.1"
                }
              ]
            }
          ],
          "datePublic": "2024-08-26T13:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA remote code execution vulnerability exists in the Rockwell Automation\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThinManager\u00ae ThinServer\u2122\u003c/span\u003e\nthat allows a threat actor to execute arbitrary code with System privileges. To exploit this vulnerability and a threat actor must abuse the ThinServer\u2122 service by creating a junction and use it to upload arbitrary files.\u0026nbsp;\u003c/span\u003e"
                }
              ],
              "value": "A remote code execution vulnerability exists in the Rockwell Automation\u00a0ThinManager\u00ae ThinServer\u2122\nthat allows a threat actor to execute arbitrary code with System privileges. To exploit this vulnerability and a threat actor must abuse the ThinServer\u2122 service by creating a junction and use it to upload arbitrary files."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-576",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-576 Group Permission Footprinting"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "ThinManager\u00ae ThinServer\u2122 Remote Code Execution",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-26T14:40:29.255Z",
            "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
            "shortName": "Rockwell"
          },
          "references": [
            {
              "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1692.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003effected Product\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eFirst Known in software version\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eCorrected in software version\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eThinManager\u00ae ThinServer\u2122\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e11.1.0-11.1.7\u003cbr\u003e11.2.0-11.2.8\u003cbr\u003e12.0.0-12.0.6\u003cbr\u003e12.1.0-12.1.7\u003cbr\u003e13.0.0-13.0.4\u003cbr\u003e13.1.0-13.1.2\u003cbr\u003e13.2.0-13.2.1\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e11.1.8\u003c/p\u003e\u003cp\u003e11.2.9\u003c/p\u003e\u003cp\u003e12.0.7\u003c/p\u003e\u003cp\u003e12.1.8\u003c/p\u003e\u003cp\u003e13.0.5\u003c/p\u003e\u003cp\u003e13.1.3\u003c/p\u003e\u003cp\u003e13.2.2\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\n\n\u003cp\u003e\u003cb\u003eMitigations and Workarounds\u003c/b\u003e\u003c/p\u003e\u003cp\u003eCustomers using the affected software are encouraged to implement our suggested security best practices to minimize the risk of vulnerability.\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "ffected Product\n\nFirst Known in software version\n\nCorrected in software version\n\nThinManager\u00ae ThinServer\u2122\n\n11.1.0-11.1.7\n11.2.0-11.2.8\n12.0.0-12.0.6\n12.1.0-12.1.7\n13.0.0-13.0.4\n13.1.0-13.1.2\n13.2.0-13.2.1\n\n11.1.8\n\n11.2.9\n\n12.0.7\n\n12.1.8\n\n13.0.5\n\n13.1.3\n\n13.2.2\n\n\n\n\nMitigations and Workarounds\n\nCustomers using the affected software are encouraged to implement our suggested security best practices to minimize the risk of vulnerability.\n\n\u00b7 \u00a0 \u00a0 \u00a0  Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
            }
          ],
          "source": {
            "advisory": "SD1692",
            "discovery": "EXTERNAL"
          },
          "title": "Rockwell Automation ThinManager\u00ae ThinServer\u2122 Information Disclosure and Remote Code Execution Vulnerabilities",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "assignerShortName": "Rockwell",
        "cveId": "CVE-2024-7987",
        "datePublished": "2024-08-26T14:40:29.255Z",
        "dateReserved": "2024-08-19T20:06:26.723Z",
        "dateUpdated": "2024-08-26T17:29:09.449Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2917 (GCVE-0-2023-2917)

    Vulnerability from cvelistv5 – Published: 2023-08-17 15:10 – Updated: 2024-10-08 16:56
    VLAI
    Title
    Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability
    Summary
    The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability.  Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed.  A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Rockwell Automation ThinManager ThinServer Affected: 11.0.0 - 11.2.6
    Affected: 11.1.0 - 11.1.6
    Affected: 11.2.0 - 11.2.7
    Affected: 12.0.0 - 12.0.5
    Affected: 12.1.0 - 12.1.6
    Affected: 13.0.0 - 13.0.2
    Affected: 13.1.0
    Create a notification for this product.
    rockwellautomation thinmanager_thinserver Affected: 11.0.0 - 11.2.6
    Affected: 11.1.0 - 11.1.6
    Affected: 11.2.0 - 11.2.7
    Affected: 12.0.0 - 12.0.5
    Affected: 12.1.0 - 12.1.6
    Affected: 13.0.0 - 13.0.2
    Affected: 13.1.0
        cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-17 14:00
    Credits
    This vulnerability was reported to Rockwell Automation by Tenable Network Security.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:41:04.162Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "thinmanager_thinserver",
                "vendor": "rockwellautomation",
                "versions": [
                  {
                    "status": "affected",
                    "version": "11.0.0 - 11.2.6"
                  },
                  {
                    "status": "affected",
                    "version": "11.1.0 - 11.1.6"
                  },
                  {
                    "status": "affected",
                    "version": "11.2.0 - 11.2.7"
                  },
                  {
                    "status": "affected",
                    "version": "12.0.0 - 12.0.5"
                  },
                  {
                    "status": "affected",
                    "version": "12.1.0 - 12.1.6"
                  },
                  {
                    "status": "affected",
                    "version": "13.0.0 - 13.0.2"
                  },
                  {
                    "status": "affected",
                    "version": "13.1.0"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2917",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-08T16:49:50.493475Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-08T16:56:43.912Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ThinManager ThinServer",
              "vendor": "Rockwell Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0 - 11.2.6"
                },
                {
                  "status": "affected",
                  "version": "11.1.0 - 11.1.6"
                },
                {
                  "status": "affected",
                  "version": "11.2.0 - 11.2.7"
                },
                {
                  "status": "affected",
                  "version": "12.0.0 - 12.0.5"
                },
                {
                  "status": "affected",
                  "version": "12.1.0 - 12.1.6"
                },
                {
                  "status": "affected",
                  "version": "13.0.0 - 13.0.2"
                },
                {
                  "status": "affected",
                  "version": "13.1.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "This vulnerability was reported to Rockwell Automation by Tenable Network Security."
            }
          ],
          "datePublic": "2023-08-17T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability.\u0026nbsp;\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. \u0026nbsp;A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities.\u003c/span\u003e\n\n  "
                }
              ],
              "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability.\u00a0\u00a0Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. \u00a0A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities.\n\n  "
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-126 Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-17T15:10:08.696Z",
            "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
            "shortName": "Rockwell"
          },
          "references": [
            {
              "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cul\u003e\u003cli\u003eUpdate to the corrected software versions.\u003c/li\u003e\u003cli\u003eLimit remote access for TCP Port 2031 to known thin clients and ThinManager servers.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "\n  *  Update to the corrected software versions.\n  *  Limit remote access for TCP Port 2031 to known thin clients and ThinManager servers.\n\n\n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "assignerShortName": "Rockwell",
        "cveId": "CVE-2023-2917",
        "datePublished": "2023-08-17T15:10:08.696Z",
        "dateReserved": "2023-05-26T13:57:12.308Z",
        "dateUpdated": "2024-10-08T16:56:43.912Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2915 (GCVE-0-2023-2915)

    Vulnerability from cvelistv5 – Published: 2023-08-17 15:05 – Updated: 2024-10-08 17:01
    VLAI
    Title
    Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability
    Summary
    The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can delete arbitrary files with system privileges. A malicious user could exploit this vulnerability by sending a specifically crafted synchronization protocol message resulting in a denial-of-service condition.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Rockwell Automation ThinManager ThinServer Affected: 11.0.0 - 11.2.6
    Affected: 11.1.0 - 11.1.6
    Affected: 11.2.0 - 11.2.7
    Affected: 12.0.0 - 12.0.5
    Affected: 12.1.0 - 12.1.6
    Affected: 13.0.0 - 13.0.2
    Affected: 13.1.0
    Create a notification for this product.
    rockwellautomation thinmanager_thinserver Affected: 11.0.0 - 11.2.6
    Affected: 11.1.0 - 11.1.6
    Affected: 11.2.0 - 11.2.7
    Affected: 12.0.0 - 12.0.5
    Affected: 12.1.0 - 12.1.6
    Affected: 13.0.0 - 13.0.2
    Affected: 13.1.0
        cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-17 14:00
    Credits
    This vulnerability was reported to Rockwell Automation by Tenable Network Security.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:41:03.650Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "thinmanager_thinserver",
                "vendor": "rockwellautomation",
                "versions": [
                  {
                    "status": "affected",
                    "version": "11.0.0 - 11.2.6"
                  },
                  {
                    "status": "affected",
                    "version": "11.1.0 - 11.1.6"
                  },
                  {
                    "status": "affected",
                    "version": "11.2.0 - 11.2.7"
                  },
                  {
                    "status": "affected",
                    "version": "12.0.0 - 12.0.5"
                  },
                  {
                    "status": "affected",
                    "version": "12.1.0 - 12.1.6"
                  },
                  {
                    "status": "affected",
                    "version": "13.0.0 - 13.0.2"
                  },
                  {
                    "status": "affected",
                    "version": "13.1.0"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2915",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-08T16:58:47.679391Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-08T17:01:54.549Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ThinManager ThinServer",
              "vendor": "Rockwell Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0 - 11.2.6"
                },
                {
                  "status": "affected",
                  "version": "11.1.0 - 11.1.6"
                },
                {
                  "status": "affected",
                  "version": "11.2.0 - 11.2.7"
                },
                {
                  "status": "affected",
                  "version": "12.0.0 - 12.0.5"
                },
                {
                  "status": "affected",
                  "version": "12.1.0 - 12.1.6"
                },
                {
                  "status": "affected",
                  "version": "13.0.0 - 13.0.2"
                },
                {
                  "status": "affected",
                  "version": "13.1.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "This vulnerability was reported to Rockwell Automation by Tenable Network Security."
            }
          ],
          "datePublic": "2023-08-17T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can delete arbitrary files with system privileges.   A malicious user could exploit this vulnerability by sending a specifically crafted synchronization protocol message resulting in a denial-of-service condition.  "
                }
              ],
              "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can delete arbitrary files with system privileges.   A malicious user could exploit this vulnerability by sending a specifically crafted synchronization protocol message resulting in a denial-of-service condition.  "
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-126 Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-17T15:05:52.368Z",
            "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
            "shortName": "Rockwell"
          },
          "references": [
            {
              "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cul\u003e\u003cli\u003eUpdate to the corrected software versions.\u003c/li\u003e\u003cli\u003eLimit remote access for TCP Port 2031 to known thin clients and ThinManager servers.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "\n  *  Update to the corrected software versions.\n  *  Limit remote access for TCP Port 2031 to known thin clients and ThinManager servers.\n\n\n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "assignerShortName": "Rockwell",
        "cveId": "CVE-2023-2915",
        "datePublished": "2023-08-17T15:05:52.368Z",
        "dateReserved": "2023-05-26T13:45:57.862Z",
        "dateUpdated": "2024-10-08T17:01:54.549Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2914 (GCVE-0-2023-2914)

    Vulnerability from cvelistv5 – Published: 2023-08-17 15:01 – Updated: 2024-10-08 17:08
    VLAI
    Title
    Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerabilitiy
    Summary
    The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, an integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and causing a denial of service condition in the software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Rockwell Automation ThinManager ThinServer Affected: 11.0.0 - 11.2.6
    Affected: 11.1.0 - 11.1.6
    Affected: 11.2.0 - 11.2.7
    Affected: 12.0.0 - 12.0.5
    Affected: 12.1.0 - 12.1.6
    Affected: 13.0.0 - 13.0.2
    Affected: 13.1.0
    Create a notification for this product.
    rockwellautomation thinmanager_thinserver Affected: 11.0.0 - 11.2.6
    Affected: 11.1.0 - 11.1.6
    Affected: 11.2.0 - 11.2.7
    Affected: 12.0.0 - 12.0.5
    Affected: 12.1.0 - 12.1.6
    Affected: 13.0.0 - 13.0.2
    Affected: 13.1.0
        cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-17 14:00
    Credits
    This vulnerability was reported to Rockwell Automation by Tenable Network Security.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:41:03.723Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "thinmanager_thinserver",
                "vendor": "rockwellautomation",
                "versions": [
                  {
                    "status": "affected",
                    "version": "11.0.0 - 11.2.6"
                  },
                  {
                    "status": "affected",
                    "version": "11.1.0 - 11.1.6"
                  },
                  {
                    "status": "affected",
                    "version": "11.2.0 - 11.2.7"
                  },
                  {
                    "status": "affected",
                    "version": "12.0.0 - 12.0.5"
                  },
                  {
                    "status": "affected",
                    "version": "12.1.0 - 12.1.6"
                  },
                  {
                    "status": "affected",
                    "version": "13.0.0 - 13.0.2"
                  },
                  {
                    "status": "affected",
                    "version": "13.1.0"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2914",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-08T17:05:51.847648Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-08T17:08:30.894Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ThinManager ThinServer",
              "vendor": "Rockwell Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0 - 11.2.6"
                },
                {
                  "status": "affected",
                  "version": "11.1.0 - 11.1.6"
                },
                {
                  "status": "affected",
                  "version": "11.2.0 - 11.2.7"
                },
                {
                  "status": "affected",
                  "version": "12.0.0 - 12.0.5"
                },
                {
                  "status": "affected",
                  "version": "12.1.0 - 12.1.6"
                },
                {
                  "status": "affected",
                  "version": "13.0.0 - 13.0.2"
                },
                {
                  "status": "affected",
                  "version": "13.1.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "This vulnerability was reported to Rockwell Automation by Tenable Network Security."
            }
          ],
          "datePublic": "2023-08-17T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, an integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and causing a denial of service condition in the software.  "
                }
              ],
              "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, an integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and causing a denial of service condition in the software.  "
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-126 Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-17T15:03:27.110Z",
            "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
            "shortName": "Rockwell"
          },
          "references": [
            {
              "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cul\u003e\u003cli\u003eUpdate to the corrected software versions.\u003c/li\u003e\u003cli\u003eLimit remote access for TCP Port 2031 to known thin clients and ThinManager servers.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "\n  *  Update to the corrected software versions.\n  *  Limit remote access for TCP Port 2031 to known thin clients and ThinManager servers.\n\n\n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerabilitiy",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "assignerShortName": "Rockwell",
        "cveId": "CVE-2023-2914",
        "datePublished": "2023-08-17T15:01:25.994Z",
        "dateReserved": "2023-05-26T13:23:41.377Z",
        "dateUpdated": "2024-10-08T17:08:30.894Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }