Vulnerability-Lookup

VAR-202410-3402

Vulnerability from variot - Updated: 2024-12-21 19:23

CVE-2024-10386 IMPACT

An authentication vulnerability exists in the affected product. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in database manipulation. Rockwell Automation of thinmanager Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Rockwell Automation ThinManager is a thin client management software from Rockwell Automation, USA. It allows thin clients to be assigned to multiple remote desktop servers at the same time

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202410-3402",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "thinmanager",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "13.2.3"
      },
      {
        "model": "thinmanager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "13.2.0"
      },
      {
        "model": "thinmanager",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "12.0.8"
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "14.0.0"
      },
      {
        "model": "thinmanager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "12.0.0"
      },
      {
        "model": "thinmanager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "11.2.0"
      },
      {
        "model": "thinmanager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "13.1.0"
      },
      {
        "model": "thinmanager",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "11.2.10"
      },
      {
        "model": "thinmanager",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "13.0.6"
      },
      {
        "model": "thinmanager",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "13.1.4"
      },
      {
        "model": "thinmanager",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "12.1.9"
      },
      {
        "model": "thinmanager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "13.0.0"
      },
      {
        "model": "thinmanager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "12.1.0"
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "13.2.0  that\u0027s all  13.2.3"
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "13.1.0  that\u0027s all  13.1.4"
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "11.2.0  that\u0027s all  11.2.10"
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "14.0.0"
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "12.0.0  that\u0027s all  12.0.8"
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": null
      },
      {
        "model": "thinmanager",
        "scope": null,
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": null
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "13.0.0  that\u0027s all  13.0.6"
      },
      {
        "model": "thinmanager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "12.1.0  that\u0027s all  12.1.9"
      },
      {
        "model": "automation rockwell automation thinmanager",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "11.2.0,\u003c=11.2.9"
      },
      {
        "model": "automation rockwell automation thinmanager",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "12.0.0,\u003c=12.0.7"
      },
      {
        "model": "automation rockwell automation thinmanager",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "12.1.0,\u003c=12.1.8"
      },
      {
        "model": "automation rockwell automation thinmanager",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "13.0.0,\u003c=13.0.5"
      },
      {
        "model": "automation rockwell automation thinmanager",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "13.1.0,\u003c=13.1.3"
      },
      {
        "model": "automation rockwell automation thinmanager",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "13.2.0,\u003c=13.2.2"
      },
      {
        "model": "automation rockwell automation thinmanager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "14.0.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-46725"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-011988"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-10386"
      }
    ]
  },
  "cve": "CVE-2024-10386",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2024-46725",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2024-10386",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2024-10386",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2024-10386",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "PSIRT@rockwellautomation.com",
            "id": "CVE-2024-10386",
            "trust": 1.0,
            "value": "Critical"
          },
          {
            "author": "NVD",
            "id": "CVE-2024-10386",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2024-46725",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-46725"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-011988"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-10386"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-10386"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "CVE-2024-10386 IMPACT\n\n\n\nAn authentication\nvulnerability exists in the affected product. The vulnerability could allow a\nthreat actor with network access to send crafted messages to the device, potentially\nresulting in database manipulation. Rockwell Automation of thinmanager Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Rockwell Automation ThinManager is a thin client management software from Rockwell Automation, USA. It allows thin clients to be assigned to multiple remote desktop servers at the same time",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2024-10386"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-011988"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-46725"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2024-10386",
        "trust": 3.2
      },
      {
        "db": "JVN",
        "id": "JVNVU97090361",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-24-305-01",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-011988",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-46725",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-46725"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-011988"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-10386"
      }
    ]
  },
  "id": "VAR-202410-3402",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-46725"
      }
    ],
    "trust": 0.06
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-46725"
      }
    ]
  },
  "last_update_date": "2024-12-21T19:23:34.666000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Rockwell Automation ThinManager Authentication Error Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/634596"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-46725"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-306",
        "trust": 1.0
      },
      {
        "problemtype": "Lack of authentication for critical features (CWE-306) [ others ]",
        "trust": 0.8
      },
      {
        "problemtype": " Lack of information (CWE-noinfo) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-011988"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-10386"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.sd1708.html"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu97090361/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2024-10386"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-305-01"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-46725"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-011988"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-10386"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-46725"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-011988"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-10386"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-12-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-46725"
      },
      {
        "date": "2024-11-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2024-011988"
      },
      {
        "date": "2024-10-25T17:15:03.987000",
        "db": "NVD",
        "id": "CVE-2024-10386"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-12-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-46725"
      },
      {
        "date": "2024-11-06T01:18:00",
        "db": "JVNDB",
        "id": "JVNDB-2024-011988"
      },
      {
        "date": "2024-11-05T20:07:59.487000",
        "db": "NVD",
        "id": "CVE-2024-10386"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Rockwell\u00a0Automation\u00a0 of \u00a0thinmanager\u00a0 Vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-011988"
      }
    ],
    "trust": 0.8
  }
}

CVE-2024-10386 (GCVE-0-2024-10386)

Vulnerability from cvelistv5 – Published: 2024-10-25 17:04 – Updated: 2024-10-25 20:17

Title

Rockwell Automation FactoryTalk ThinManager Authentication Vulnerability

Summary

CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in database manipulation.

Severity ?

9.3 (Critical)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-306 - Missing Authentication for Critical Function

Assigner

Rockwell

References

URL

Tags

https://www.rockwellautomation.com/en-us/trust-ce…

Impacted products

	Vendor	Product	Version
	Rockwell Automation	FactoryTalk ThinManager	Affected: 11.2.0-11.2.9 Affected: 12.0.0-12.0.7 Affected: 12.1.0-12.1.8 Affected: 13.0.0-13.0.5 Affected: 13.1.0-13.1.3 Affected: 13.2.0-13.2.2 Affected: 14.0.0

Credits

Tenable Network Security

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "thinmanager",
            "vendor": "rockwellautomation",
            "versions": [
              {
                "lessThanOrEqual": "11.2.9",
                "status": "affected",
                "version": "11.2.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "12.0.7",
                "status": "affected",
                "version": "12.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "12.1.8",
                "status": "affected",
                "version": "12.1.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "13.0.5",
                "status": "affected",
                "version": "13.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "13.1.3",
                "status": "affected",
                "version": "13.1.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "13.2.2",
                "status": "affected",
                "version": "13.2.0",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "14.0.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-10386",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-25T20:14:39.256573Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-25T20:17:55.566Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FactoryTalk ThinManager",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "11.2.0-11.2.9"
            },
            {
              "status": "affected",
              "version": "12.0.0-12.0.7"
            },
            {
              "status": "affected",
              "version": "12.1.0-12.1.8"
            },
            {
              "status": "affected",
              "version": "13.0.0-13.0.5"
            },
            {
              "status": "affected",
              "version": "13.1.0-13.1.3"
            },
            {
              "status": "affected",
              "version": "13.2.0-13.2.2"
            },
            {
              "status": "affected",
              "version": "14.0.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Tenable Network Security"
        }
      ],
      "datePublic": "2024-10-25T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003cb\u003e\u003cu\u003eCVE-2024-10386 IMPACT\u003c/u\u003e\u003c/b\u003e\u003cu\u003e\u003c/u\u003e\u003c/p\u003e\n\n\u003cp\u003eAn authentication\nvulnerability exists in the affected product. The vulnerability could allow a\nthreat actor with network access to send crafted messages to the device, potentially\nresulting in database manipulation.\u003c/p\u003e"
            }
          ],
          "value": "CVE-2024-10386 IMPACT\n\n\n\nAn authentication\nvulnerability exists in the affected product. The vulnerability could allow a\nthreat actor with network access to send crafted messages to the device, potentially\nresulting in database manipulation."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-153",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-153 Input Data Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "CWE-306 Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-25T17:04:34.000Z",
        "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "shortName": "Rockwell"
      },
      "references": [
        {
          "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1708.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: var(--wht);\"\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nIf able,\nnavigate to the \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/\"\u003eThinManager\u00ae download site\u003c/a\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e and upgrade to a corrected version of ThinManager\u00ae\u003c/span\u003e\n\n\u003cbr\u003e\u003cbr\u003e\u003cp\u003e11.2.10\u003cbr\u003e\n\u003c/p\u003e\n\n\u003cp\u003e12.0.8\u003cbr\u003e\n\u003c/p\u003e\n\n\u003cp\u003e12.1.9\u003cbr\u003e\n\u003c/p\u003e\n\n\u003cp\u003e13.0.6\u0026nbsp;\u003c/p\u003e\n\n\n\n\u003cp\u003e13.1.4\u0026nbsp;\u003c/p\u003e\n\n\n\n\u003cp\u003e13.2.3\u0026nbsp;\u003c/p\u003e\n\n\n\n\u003cp\u003e14.0.1\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
            }
          ],
          "value": "\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nIf able,\nnavigate to the  ThinManager\u00ae download site https://thinmanager.com/downloads/  and upgrade to a corrected version of ThinManager\u00ae\n\n\n\n11.2.10\n\n\n\n\n\n12.0.8\n\n\n\n\n\n12.1.9\n\n\n\n\n\n13.0.6\u00a0\n\n\n\n\n\n13.1.4\u00a0\n\n\n\n\n\n13.2.3\u00a0\n\n\n\n\n\n14.0.1"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Rockwell Automation FactoryTalk ThinManager Authentication Vulnerability",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nIf able,\nnavigate to the \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/\"\u003eThinManager\u00ae download site\u003c/a\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e and upgrade to a corrected version of ThinManager\u00ae\u003c/span\u003e\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nImplement\nnetwork hardening for ThinManager\u00ae Device(s) by limiting communications to TCP\n2031 to only the devices that need connection to the ThinManager\u00ae\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nFor\ninformation on how to mitigate Security Risks on industrial automation control\nsystems, we encourage customers to implement our suggested \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003esecurity best\npractices\u003c/a\u003e to\nminimize the risk of the vulnerability.\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
            }
          ],
          "value": "\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nIf able,\nnavigate to the  ThinManager\u00ae download site https://thinmanager.com/downloads/  and upgrade to a corrected version of ThinManager\u00ae\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nImplement\nnetwork hardening for ThinManager\u00ae Device(s) by limiting communications to TCP\n2031 to only the devices that need connection to the ThinManager\u00ae\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nFor\ninformation on how to mitigate Security Risks on industrial automation control\nsystems, we encourage customers to implement our suggested security best\npractices to\nminimize the risk of the vulnerability."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
    "assignerShortName": "Rockwell",
    "cveId": "CVE-2024-10386",
    "datePublished": "2024-10-25T17:04:34.000Z",
    "dateReserved": "2024-10-25T12:38:28.748Z",
    "dateUpdated": "2024-10-25T20:17:55.566Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

VAR-202410-3402

CVE-2024-10386 (GCVE-0-2024-10386)

Tags

Sightings

Nomenclature