CVE-2024-45824 IMPACT
A remote
code vulnerability exists in the affected products. The vulnerability occurs
when chained with Path Traversal, Command Injection, and XSS Vulnerabilities
and allows for full unauthenticated remote code execution. The link in the
mitigations section below contains patches to fix this issue.
Metrics
Affected Vendors & Products
References
History
Thu, 12 Sep 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Rockwellautomation
Rockwellautomation factorytalk View |
|
CPEs | cpe:2.3:a:rockwellautomation:factorytalk_view:*:*:*:*:*:*:*:* | |
Vendors & Products |
Rockwellautomation
Rockwellautomation factorytalk View |
|
Metrics |
ssvc
|
Thu, 12 Sep 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The vulnerability occurs when chained with Path Traversal, Command Injection, and XSS Vulnerabilities and allows for full unauthenticated remote code execution. The link in the mitigations section below contains patches to fix this issue. | |
Title | FactoryTalk® View Site Edition Remote Code Execution Vulnerability via Lack of Input Validation | |
Weaknesses | CWE-77 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Rockwell
Published: 2024-09-12T14:05:22.202Z
Updated: 2024-09-12T15:07:31.980Z
Reserved: 2024-09-09T19:33:02.444Z
Link: CVE-2024-45824
Vulnrichment
Updated: 2024-09-12T15:05:46.181Z
NVD
Status : Awaiting Analysis
Published: 2024-09-12T14:16:06.953
Modified: 2024-09-12T18:14:03.913
Link: CVE-2024-45824
Redhat
No data.