OpenCVE

A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Rockwellautomation	Armorstart St 281e Armorstart St 281e Firmware Armorstart St 284ee Armorstart St 284ee Firmware

Configuration 1 [-]

AND

cpe:2.3:o:rockwellautomation:armorstart_st_284ee_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:rockwellautomation:armorstart_st_284ee:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:rockwellautomation:armorstart_st_281e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:rockwellautomation:armorstart_st_281e:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438

History

No history.

MITRE

Status: PUBLISHED

Assigner: Rockwell

Published: 2023-05-11T17:41:17.097Z

Updated: 2024-08-02T14:00:14.600Z

Reserved: 2023-03-29T20:07:06.686Z

Link: CVE-2023-29030

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-05-11T18:15:13.770

Modified: 2023-12-20T02:50:13.797

Link: CVE-2023-29030

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-29030", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2023-03-29T20:07:06.686Z", "datePublished": "2023-05-11T17:41:17.097Z", "dateUpdated": "2024-08-02T14:00:14.600Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ArmorStart ST", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "All "}]}], "datePublic": "2023-05-11T14:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.</span>\n\n"}], "value": "\nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.\n\n"}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63 Cross-Site Scripting (XSS)"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2023-10-24T11:48:37.420Z"}, "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Customers should disable the webserver during normal use. The webserver is disabled by default and should only be enabled to modify configurations. After modifying configurations, the web server should be disabled."}], "value": "Customers should disable the webserver during normal use. The webserver is disabled by default and should only be enabled to modify configurations. After modifying configurations, the web server should be disabled."}], "source": {"discovery": "UNKNOWN"}, "title": "Rockwell Automation ArmorStart ST Vulnerable to Cross-Site Scripting Attack", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:00:14.600Z"}, "title": "CVE Program Container", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:armorstart_st_284ee_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8FB61010-9BC0-4A6D-BE43-350415D18374", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:armorstart_st_284ee:-:*:*:*:*:*:*:*", "matchCriteriaId": "07E85834-78DF-41E2-B86C-899DBE201D67", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:armorstart_st_281e_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E001AA0-C1D7-4ADA-ADD9-4472276FA933", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:armorstart_st_281e:-:*:*:*:*:*:*:*", "matchCriteriaId": "462A5C89-68EB-471E-B23C-A2FA63EA74F2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.\n\n"}], "id": "CVE-2023-29030", "lastModified": "2023-12-20T02:50:13.797", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}, "published": "2023-05-11T18:15:13.770", "references": [{"source": "PSIRT@rockwellautomation.com", "tags": ["Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}