Vulnerability-Lookup

VAR-202408-2396

Vulnerability from variot - Updated: 2025-03-10 01:19

A vulnerability exists in the Rockwell Automation ThinManager® ThinServer that allows a threat actor to disclose sensitive information. A threat actor can exploit this vulnerability by abusing the ThinServer™ service to read arbitrary files by creating a junction that points to the target directory. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the ThinServer service which listens on TCP port 8443 by default. The issue results from the lack of proper access controls set on resources used by the service. An attacker can leverage this vulnerability to read files in the context of the SYSTEM. Rockwell Automation ThinManager is a thin client management software from Rockwell Automation, USA

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202408-2396",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "thinmanager",
        "scope": null,
        "trust": 1.5,
        "vendor": "rockwell automation",
        "version": null
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "12.0.0  that\u0027s all  12.0.7"
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "11.1.0  that\u0027s all  11.1.8"
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "12.1.0  that\u0027s all  12.1.8"
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "13.1.0  that\u0027s all  13.1.3"
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "13.0.0  that\u0027s all  13.0.5"
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "13.2.0  that\u0027s all  13.2.2"
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": null
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "11.2.0  that\u0027s all  11.2.9"
      },
      {
        "model": "automation thinmanager thinserver",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "1.1.0,\u003c=11.1.7"
      },
      {
        "model": "automation thinmanager thinserver",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "11.2.0,\u003c=11.2.8"
      },
      {
        "model": "automation thinmanager thinserver",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "12.0.0,\u003c=12.0.6"
      },
      {
        "model": "automation thinmanager thinserver",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "12.1.0,\u003c=12.1.7"
      },
      {
        "model": "automation thinmanager thinserver",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "13.0.0,\u003c=13.0.4"
      },
      {
        "model": "automation thinmanager thinserver",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "13.1.0,\u003c=13.1.2"
      },
      {
        "model": "automation thinmanager thinserver",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "13.2.0,\u003c=13.2.1"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-24-1156"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-46733"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-019784"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Nicholas Zubrisky (@NZubrisky) of Trend Micro Security Research",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-24-1156"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2024-7986",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.1,
            "id": "CNVD-2024-46733",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2024-7986",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "ZDI",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2024-7986",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 0.7,
            "userInteraction": "NONE",
            "vectorString": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "PSIRT@rockwellautomation.com",
            "id": "CVE-2024-7986",
            "trust": 1.0,
            "value": "Medium"
          },
          {
            "author": "NVD",
            "id": "CVE-2024-7986",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2024-7986",
            "trust": 0.7,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2024-46733",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-24-1156"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-46733"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-019784"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-7986"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability exists in the Rockwell Automation\u00a0ThinManager\u00ae ThinServer\u00a0that allows a threat actor to disclose sensitive information. A threat actor can exploit this vulnerability by abusing the ThinServer\u2122 service to read arbitrary files by creating a junction that points to the target directory. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the ThinServer service which listens on TCP port 8443 by default. The issue results from the lack of proper access controls set on resources used by the service. An attacker can leverage this vulnerability to read files in the context of the SYSTEM. Rockwell Automation ThinManager is a thin client management software from Rockwell Automation, USA",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2024-7986"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-019784"
      },
      {
        "db": "ZDI",
        "id": "ZDI-24-1156"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-46733"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2024-7986",
        "trust": 3.9
      },
      {
        "db": "ZDI",
        "id": "ZDI-24-1156",
        "trust": 1.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-24-242-01",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU96141650",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-019784",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-24002",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-46733",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-24-1156"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-46733"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-019784"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-7986"
      }
    ]
  },
  "id": "VAR-202408-2396",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-46733"
      }
    ],
    "trust": 0.06
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-46733"
      }
    ]
  },
  "last_update_date": "2025-03-10T01:19:23.959000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Rockwell Automation has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://www.rockwellautomation.com/en-ca/trust-center/security-advisories/advisory.SD1692.html"
      },
      {
        "title": "Patch for Rockwell Automation ThinManager ThinServer Permission Management Error Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/634621"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-24-1156"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-46733"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-732",
        "trust": 1.0
      },
      {
        "problemtype": "Improper permission assignment for critical resources (CWE-732) [ others ]",
        "trust": 0.8
      },
      {
        "problemtype": " Improper permission assignment for critical resources (CWE-732) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-019784"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-7986"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.sd1692.html"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu96141650/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2024-7986"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-242-01"
      },
      {
        "trust": 0.7,
        "url": "https://www.rockwellautomation.com/en-ca/trust-center/security-advisories/advisory.sd1692.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-24-1156/"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-24-1156"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-46733"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-019784"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-7986"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZDI",
        "id": "ZDI-24-1156"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-46733"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-019784"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-7986"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-08-22T00:00:00",
        "db": "ZDI",
        "id": "ZDI-24-1156"
      },
      {
        "date": "2024-12-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-46733"
      },
      {
        "date": "2025-03-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2024-019784"
      },
      {
        "date": "2024-08-23T12:15:03.920000",
        "db": "NVD",
        "id": "CVE-2024-7986"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-08-22T00:00:00",
        "db": "ZDI",
        "id": "ZDI-24-1156"
      },
      {
        "date": "2024-12-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-46733"
      },
      {
        "date": "2025-03-05T09:17:00",
        "db": "JVNDB",
        "id": "JVNDB-2024-019784"
      },
      {
        "date": "2024-08-23T16:18:28.547000",
        "db": "NVD",
        "id": "CVE-2024-7986"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Rockwell\u00a0Automation\u00a0 of \u00a0thinmanager\u00a0 Vulnerability in improper permission assignment for critical resources in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-019784"
      }
    ],
    "trust": 0.8
  }
}

CVE-2024-7986 (GCVE-0-2024-7986)

Vulnerability from cvelistv5 – Published: 2024-08-23 11:51 – Updated: 2024-08-28 16:21

Title

Rockwell Automation ThinManager® ThinServer™ Information Disclosure

Summary

Severity ?

6.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CWE

CWE-732 - Incorrect Permission Assignment for Critical Resource

Assigner

Rockwell

References

URL

Tags

https://www.rockwellautomation.com/en-us/trust-ce…

Impacted products

	Vendor	Product	Version
	Rockwell Automation	ThinManager® ThinServer™	Affected: 11.1.0-11.1.7 11.2.0-11.2.8 12.0.0-12.0.6 12.1.0-12.1.7 13.0.0-13.0.4 13.1.0-13.1.2 13.2.0-13.2.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7986",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-28T16:20:54.169556Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-28T16:21:02.832Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ThinManager\u00ae ThinServer\u2122",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "11.1.0-11.1.7 11.2.0-11.2.8 12.0.0-12.0.6 12.1.0-12.1.7 13.0.0-13.0.4 13.1.0-13.1.2 13.2.0-13.2.1"
            }
          ]
        }
      ],
      "datePublic": "2024-08-22T13:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability exists in the Rockwell Automation\u0026nbsp;\u003c/span\u003eThinManager\u00ae ThinServer\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethat allows a threat actor to disclose sensitive information. A threat actor can exploit this vulnerability by abusing the ThinServer\u2122 service to read arbitrary files by creating a junction that points to the target directory.\u003c/span\u003e"
            }
          ],
          "value": "A vulnerability exists in the Rockwell Automation\u00a0ThinManager\u00ae ThinServer\u00a0that allows a threat actor to disclose sensitive information. A threat actor can exploit this vulnerability by abusing the ThinServer\u2122 service to read arbitrary files by creating a junction that points to the target directory."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-576",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-576 Group Permission Footprinting"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-732",
              "description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-23T11:51:55.080Z",
        "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "shortName": "Rockwell"
      },
      "references": [
        {
          "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1692.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eAffected Product\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eFirst Known in software version\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eCorrected in software version\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eThinManager\u00ae ThinServer\u2122\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e11.1.0-11.1.7\u003cbr\u003e11.2.0-11.2.8\u003cbr\u003e12.0.0-12.0.6\u003cbr\u003e12.1.0-12.1.7\u003cbr\u003e13.0.0-13.0.4\u003cbr\u003e13.1.0-13.1.2\u003cbr\u003e13.2.0-13.2.1\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e11.1.8\u003c/p\u003e\u003cp\u003e11.2.9\u003c/p\u003e\u003cp\u003e12.0.7\u003c/p\u003e\u003cp\u003e12.1.8\u003c/p\u003e\u003cp\u003e13.0.5\u003c/p\u003e\u003cp\u003e13.1.3\u003c/p\u003e\u003cp\u003e13.2.2\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\u003cp\u003e\u003cb\u003eMitigations and Workarounds\u003c/b\u003e\u003c/p\u003e\u003cp\u003eCustomers using the affected software are encouraged to implement our suggested security best practices to minimize the risk of vulnerability.\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u003c/p\u003e"
            }
          ],
          "value": "Affected Product\n\nFirst Known in software version\n\nCorrected in software version\n\nThinManager\u00ae ThinServer\u2122\n\n11.1.0-11.1.7\n11.2.0-11.2.8\n12.0.0-12.0.6\n12.1.0-12.1.7\n13.0.0-13.0.4\n13.1.0-13.1.2\n13.2.0-13.2.1\n\n11.1.8\n\n11.2.9\n\n12.0.7\n\n12.1.8\n\n13.0.5\n\n13.1.3\n\n13.2.2\n\n\nMitigations and Workarounds\n\nCustomers using the affected software are encouraged to implement our suggested security best practices to minimize the risk of vulnerability.\n\n\u00b7 \u00a0 \u00a0 \u00a0  Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
        }
      ],
      "source": {
        "advisory": "SD1692",
        "discovery": "EXTERNAL"
      },
      "title": "Rockwell Automation ThinManager\u00ae ThinServer\u2122 Information Disclosure",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
    "assignerShortName": "Rockwell",
    "cveId": "CVE-2024-7986",
    "datePublished": "2024-08-23T11:51:55.080Z",
    "dateReserved": "2024-08-19T20:06:24.873Z",
    "dateUpdated": "2024-08-28T16:21:02.832Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

VAR-202408-2396

CVE-2024-7986 (GCVE-0-2024-7986)

Tags

Sightings

Nomenclature