OpenCVE

A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Rockwellautomation	Armorstart St 281e Armorstart St 281e Firmware Armorstart St 284ee Armorstart St 284ee Firmware

Configuration 1 [-]

AND

cpe:2.3:o:rockwellautomation:armorstart_st_284ee_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:rockwellautomation:armorstart_st_284ee:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:rockwellautomation:armorstart_st_281e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:rockwellautomation:armorstart_st_281e:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438

History

No history.

MITRE

Status: PUBLISHED

Assigner: Rockwell

Published: 2023-05-11T17:47:55.876Z

Updated: 2024-08-02T14:00:14.656Z

Reserved: 2023-03-29T20:07:06.686Z

Link: CVE-2023-29027

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-05-11T18:15:13.517

Modified: 2024-11-21T07:56:25.240

Link: CVE-2023-29027

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-29027", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2023-03-29T20:07:06.686Z", "datePublished": "2023-05-11T17:47:55.876Z", "dateUpdated": "2024-08-02T14:00:14.656Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ArmorStart ST", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "All "}]}], "datePublic": "2023-05-11T14:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\n<span style=\"background-color: rgb(255, 255, 255);\">that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.</span>\n\n</span>\n\n"}], "value": "\nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nthat could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.\n\n\n\n"}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63 Cross-Site Scripting (XSS)"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2023-05-11T17:50:27.572Z"}, "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Customers should disable the webserver during normal use. The webserver is disabled by default and should only be enabled to modify configurations. After modifying configurations, the web server should be disabled."}], "value": "Customers should disable the webserver during normal use. The webserver is disabled by default and should only be enabled to modify configurations. After modifying configurations, the web server should be disabled."}], "source": {"discovery": "UNKNOWN"}, "title": "Rockwell Automation ArmorStart ST Vulnerable to Cross-Site Scripting Attack", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:00:14.656Z"}, "title": "CVE Program Container", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:armorstart_st_284ee_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8FB61010-9BC0-4A6D-BE43-350415D18374", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:armorstart_st_284ee:-:*:*:*:*:*:*:*", "matchCriteriaId": "07E85834-78DF-41E2-B86C-899DBE201D67", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:armorstart_st_281e_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E001AA0-C1D7-4ADA-ADD9-4472276FA933", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:armorstart_st_281e:-:*:*:*:*:*:*:*", "matchCriteriaId": "462A5C89-68EB-471E-B23C-A2FA63EA74F2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nthat could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.\n\n\n\n"}], "id": "CVE-2023-29027", "lastModified": "2024-11-21T07:56:25.240", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.4, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 3.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-05-11T18:15:13.517", "references": [{"source": "PSIRT@rockwellautomation.com", "tags": ["Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}