{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-29463", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2023-04-06T18:42:59.008Z", "datePublished": "2023-09-12T16:42:14.868Z", "dateUpdated": "2025-02-27T20:54:59.034Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Pavilion8", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<5.20"}]}], "datePublic": "2023-09-12T14:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">The JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. If exploited, a malicious user could potentially retrieve other application users\u2019 session data and or log users out of their session.</span>\n\n"}], "value": "\nThe JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. If exploited, a malicious user could potentially retrieve other application users\u2019 session data and or log users out of their session.\n\n"}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2023-09-12T16:42:14.868Z"}, "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140590"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<div>Risk Mitigation &amp; User Action</div><div>Customers using the affected software are encouraged to apply the risk mitigations, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the risk of vulnerability.<ul><li>Update to v5.20</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012\">QA43240 - Recommended Security Guidelines from Rockwell Automation</a></li></ul><br><strong>If customers are unable to update to v5.20, please follow the instructions below to disable the vulnerability in v5.17.</strong><ol><li>Open the <code>web.xml</code>&nbsp;file in your Pavilion8\u00ae installation folder set during installation and go to <em>Console\\container\\webapps\\ROOT\\WEB-INF</em>, by default this would be under <code>C:\\Pavilion\\Console\\container\\webapps\\ROOT\\WEB-INF</code>.</li><li>Search for the text <code>jmx-console-action-handler</code>&nbsp;and delete the below lines from <code>web.xml</code>&nbsp;file:<br><br><code>&nbsp; &lt;servlet&gt;<br>&nbsp; &nbsp; &lt;servlet-name&gt;jmx-console-action-handler&lt;/servlet-name&gt;<br>&nbsp; &nbsp; &lt;servlet-class&gt;com.pav.jboss.jmx.HtmlAdaptorServlet&lt;/servlet-class&gt;<br>&nbsp; &lt;/servlet&gt;<br>&nbsp; &lt;servlet-mapping&gt;<br>&nbsp; &nbsp; &lt;servlet-name&gt;jmx-console-action-handler&lt;/servlet-name&gt;<br>&nbsp; &nbsp; &lt;url-pattern&gt;/jmx-console/HtmlAdaptor&lt;/url-pattern&gt;<br>&nbsp; &lt;/servlet-mapping&gt;</code><br>&nbsp;</li><li>Save the changes and close the file.</li><li>Restart <strong>Pavilion8\u00ae Console Service</strong>.</li><li>Logout and log back into the console and navigate to the URL <code>http:// &lt;FQDN&gt;/jmx-console</code>&nbsp;to confirm you are getting the error message <code>HTTP Status 404 \u2013 Not Found</code>.</li></ol><blockquote><p><u>Note</u>: <code>&lt;FQDN&gt;</code>&nbsp;is your fully qualified domain name used for the Console login.</p></blockquote></div>\n\n<br>"}], "value": "\nRisk Mitigation & User Action\n\nCustomers using the affected software are encouraged to apply the risk mitigations, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the risk of vulnerability.  *  Update to v5.20\n  *   QA43240 - Recommended Security Guidelines from Rockwell Automation https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012 \n\n\n\nIf customers are unable to update to v5.20, please follow the instructions below to disable the vulnerability in v5.17.  *  Open the web.xml\u00a0file in your Pavilion8\u00ae installation folder set during installation and go to Console\\container\\webapps\\ROOT\\WEB-INF, by default this would be under C:\\Pavilion\\Console\\container\\webapps\\ROOT\\WEB-INF.\n  *  Search for the text jmx-console-action-handler\u00a0and delete the below lines from web.xml\u00a0file:\n\n\u00a0 <servlet>\n\u00a0 \u00a0 <servlet-name>jmx-console-action-handler</servlet-name>\n\u00a0 \u00a0 <servlet-class>com.pav.jboss.jmx.HtmlAdaptorServlet</servlet-class>\n\u00a0 </servlet>\n\u00a0 <servlet-mapping>\n\u00a0 \u00a0 <servlet-name>jmx-console-action-handler</servlet-name>\n\u00a0 \u00a0 <url-pattern>/jmx-console/HtmlAdaptor</url-pattern>\n\u00a0 </servlet-mapping>\n\u00a0\n  *  Save the changes and close the file.\n  *  Restart Pavilion8\u00ae Console Service.\n  *  Logout and log back into the console and navigate to the URL http:// <FQDN>/jmx-console\u00a0to confirm you are getting the error message HTTP Status 404 \u2013 Not Found.\nNote: <FQDN>\u00a0is your fully qualified domain name used for the Console login.\n\n\n\n\n\n\n"}], "source": {"discovery": "UNKNOWN"}, "title": "Pavilion8 Security Misconfiguration Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:07:46.424Z"}, "title": "CVE Program Container", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140590", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-26T21:51:43.237837Z", "id": "CVE-2023-29463", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-27T20:54:59.034Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-29463", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2023-04-06T18:42:59.008Z", "datePublished": "2023-09-12T16:42:14.868Z", "dateUpdated": "2025-02-27T20:54:59.034Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Pavilion8", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<5.20"}]}], "datePublic": "2023-09-12T14:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">The JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. If exploited, a malicious user could potentially retrieve other application users\u2019 session data and or log users out of their session.</span>\n\n"}], "value": "\nThe JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. If exploited, a malicious user could potentially retrieve other application users\u2019 session data and or log users out of their session.\n\n"}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2023-09-12T16:42:14.868Z"}, "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140590"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<div>Risk Mitigation &amp; User Action</div><div>Customers using the affected software are encouraged to apply the risk mitigations, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the risk of vulnerability.<ul><li>Update to v5.20</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012\">QA43240 - Recommended Security Guidelines from Rockwell Automation</a></li></ul><br><strong>If customers are unable to update to v5.20, please follow the instructions below to disable the vulnerability in v5.17.</strong><ol><li>Open the <code>web.xml</code>&nbsp;file in your Pavilion8\u00ae installation folder set during installation and go to <em>Console\\container\\webapps\\ROOT\\WEB-INF</em>, by default this would be under <code>C:\\Pavilion\\Console\\container\\webapps\\ROOT\\WEB-INF</code>.</li><li>Search for the text <code>jmx-console-action-handler</code>&nbsp;and delete the below lines from <code>web.xml</code>&nbsp;file:<br><br><code>&nbsp; &lt;servlet&gt;<br>&nbsp; &nbsp; &lt;servlet-name&gt;jmx-console-action-handler&lt;/servlet-name&gt;<br>&nbsp; &nbsp; &lt;servlet-class&gt;com.pav.jboss.jmx.HtmlAdaptorServlet&lt;/servlet-class&gt;<br>&nbsp; &lt;/servlet&gt;<br>&nbsp; &lt;servlet-mapping&gt;<br>&nbsp; &nbsp; &lt;servlet-name&gt;jmx-console-action-handler&lt;/servlet-name&gt;<br>&nbsp; &nbsp; &lt;url-pattern&gt;/jmx-console/HtmlAdaptor&lt;/url-pattern&gt;<br>&nbsp; &lt;/servlet-mapping&gt;</code><br>&nbsp;</li><li>Save the changes and close the file.</li><li>Restart <strong>Pavilion8\u00ae Console Service</strong>.</li><li>Logout and log back into the console and navigate to the URL <code>http:// &lt;FQDN&gt;/jmx-console</code>&nbsp;to confirm you are getting the error message <code>HTTP Status 404 \u2013 Not Found</code>.</li></ol><blockquote><p><u>Note</u>: <code>&lt;FQDN&gt;</code>&nbsp;is your fully qualified domain name used for the Console login.</p></blockquote></div>\n\n<br>"}], "value": "\nRisk Mitigation & User Action\n\nCustomers using the affected software are encouraged to apply the risk mitigations, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the risk of vulnerability.  *  Update to v5.20\n  *   QA43240 - Recommended Security Guidelines from Rockwell Automation https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012 \n\n\n\nIf customers are unable to update to v5.20, please follow the instructions below to disable the vulnerability in v5.17.  *  Open the web.xml\u00a0file in your Pavilion8\u00ae installation folder set during installation and go to Console\\container\\webapps\\ROOT\\WEB-INF, by default this would be under C:\\Pavilion\\Console\\container\\webapps\\ROOT\\WEB-INF.\n  *  Search for the text jmx-console-action-handler\u00a0and delete the below lines from web.xml\u00a0file:\n\n\u00a0 <servlet>\n\u00a0 \u00a0 <servlet-name>jmx-console-action-handler</servlet-name>\n\u00a0 \u00a0 <servlet-class>com.pav.jboss.jmx.HtmlAdaptorServlet</servlet-class>\n\u00a0 </servlet>\n\u00a0 <servlet-mapping>\n\u00a0 \u00a0 <servlet-name>jmx-console-action-handler</servlet-name>\n\u00a0 \u00a0 <url-pattern>/jmx-console/HtmlAdaptor</url-pattern>\n\u00a0 </servlet-mapping>\n\u00a0\n  *  Save the changes and close the file.\n  *  Restart Pavilion8\u00ae Console Service.\n  *  Logout and log back into the console and navigate to the URL http:// <FQDN>/jmx-console\u00a0to confirm you are getting the error message HTTP Status 404 \u2013 Not Found.\nNote: <FQDN>\u00a0is your fully qualified domain name used for the Console login.\n\n\n\n\n\n\n"}], "source": {"discovery": "UNKNOWN"}, "title": "Pavilion8 Security Misconfiguration Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:07:46.424Z"}, "title": "CVE Program Container", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140590", "tags": ["x_transferred"]}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-29463", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-26T21:51:43.237837Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-26T20:37:24.547Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:pavilion8:*:*:*:*:*:*:*:*", "matchCriteriaId": "269FEE95-7517-453F-98E7-1D3B19ADF191", "versionEndExcluding": "5.20", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "\nThe JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. If exploited, a malicious user could potentially retrieve other application users\u2019 session data and or log users out of their session.\n\n"}, {"lang": "es", "value": "La consola JMX dentro de Rockwell Automation Pavilion8 est\u00e1 expuesta a los usuarios de la aplicaci\u00f3n y no requiere autenticaci\u00f3n. Si se explota, un usuario malintencionado podr\u00eda potencialmente recuperar los datos de sesi\u00f3n de otros usuarios de la aplicaci\u00f3n o cerrar la sesi\u00f3n de los usuarios."}], "id": "CVE-2023-29463", "lastModified": "2024-11-21T07:57:06.420", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-09-12T17:15:09.147", "references": [{"source": "PSIRT@rockwellautomation.com", "tags": ["Permissions Required"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140590"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140590"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}