{"containers": {"cna": {"affected": [{"product": "Rockwell Automation PanelView Plus 6 700-1500", "vendor": "n/a", "versions": [{"status": "affected", "version": "Rockwell Automation PanelView Plus 6 700-1500"}]}], "datePublic": "2017-06-14T00:00:00", "descriptions": [{"lang": "en", "value": "A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429, 7.00-20140621, 7.00-20140729, 7.00-20141022, 8.00-20140730, and 8.00-20141023. There is no authorization check when connecting to the device, allowing an attacker remote access."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-882", "description": "CWE-882", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2017-06-14T20:57:01", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2017-7914", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Rockwell Automation PanelView Plus 6 700-1500", "version": {"version_data": [{"version_value": "Rockwell Automation PanelView Plus 6 700-1500"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429, 7.00-20140621, 7.00-20140729, 7.00-20141022, 8.00-20140730, and 8.00-20141023. There is no authorization check when connecting to the device, allowing an attacker remote access."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-882"}]}]}, "references": {"reference_data": [{"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T16:19:29.506Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2017-7914", "datePublished": "2017-06-14T21:00:00", "dateReserved": "2017-04-18T00:00:00", "dateUpdated": "2024-08-05T16:19:29.506Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.00-20140306:*:*:*:*:*:*:*", "matchCriteriaId": "A7EBA0A2-F6F2-4DF0-8FAC-37E5C6768734", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.00.04:*:*:*:*:*:*:*", "matchCriteriaId": "7498C8EB-B040-4B5E-BB67-630986C417E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.00.05:*:*:*:*:*:*:*", "matchCriteriaId": "5DC3FD03-CA9F-427D-B8AB-2280A60738B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.00.42:*:*:*:*:*:*:*", "matchCriteriaId": "7522CC96-D5E9-41AF-95AB-876303767B1B", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.10-20140122:*:*:*:*:*:*:*", "matchCriteriaId": "8B07AC6A-EFDA-4CC5-937C-6CAD73B3A1C2", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.10.20121012:*:*:*:*:*:*:*", "matchCriteriaId": "00391FDB-1094-4FB3-9938-9DEDB1045AD9", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20121012:*:*:*:*:*:*:*", "matchCriteriaId": "374DABE1-5D77-4EE3-853A-9FF5AD820861", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20130108:*:*:*:*:*:*:*", "matchCriteriaId": "031AD257-1BE1-4061-BC6D-1AA0741C99EC", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20130325:*:*:*:*:*:*:*", "matchCriteriaId": "3F9743D5-67E5-4DA5-BFDB-E42CD73A8306", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20130619:*:*:*:*:*:*:*", "matchCriteriaId": "3C4A0042-86AF-4BB9-9114-F19777F6312A", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20140128:*:*:*:*:*:*:*", "matchCriteriaId": "78DDD0D2-E7F6-43A9-99A6-6D12B153BB1D", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20140310:*:*:*:*:*:*:*", "matchCriteriaId": "48CAEE93-3120-4F22-8BE0-46195D489015", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20140429:*:*:*:*:*:*:*", "matchCriteriaId": "F58A9CCD-3C23-4D1C-815E-C9D107F47B76", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20140621:*:*:*:*:*:*:*", "matchCriteriaId": "214CB7C5-6241-4589-AA91-014E334FFB41", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20140729:*:*:*:*:*:*:*", "matchCriteriaId": "46DC9731-1EA9-4354-959E-494905A45963", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20141022:*:*:*:*:*:*:*", "matchCriteriaId": "6F3DB916-F40E-4F80-9B28-0CB573585E1D", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:8.00-20140730:*:*:*:*:*:*:*", "matchCriteriaId": "94994F4E-0F1D-46FC-A7B2-462838BA4DFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:8.00-20141023:*:*:*:*:*:*:*", "matchCriteriaId": "8C8CD419-33AB-43C0-836F-8CC4AFD5F6FE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:panelview_plus_6_700-1500:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B3064E9-5257-4D66-A127-E30944447752", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429, 7.00-20140621, 7.00-20140729, 7.00-20141022, 8.00-20140730, and 8.00-20141023. There is no authorization check when connecting to the device, allowing an attacker remote access."}, {"lang": "es", "value": "Se ha descubierto un problema de falta de autorizaci\u00f3n en Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429, 7.00-20140621, 7.00-20140729, 7.00-20141022, 8.00-20140730 y 8.00-20141023. No hay comprobaci\u00f3n de autorizaci\u00f3n al conectarse al dispositivo, lo que permite que un atacante logre el acceso remoto."}], "id": "CVE-2017-7914", "lastModified": "2019-10-09T23:29:57.217", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 4.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-06-14T21:29:00.270", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-882"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}

{}