{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-4609", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2024-05-07T14:56:25.894Z", "datePublished": "2024-05-16T15:13:45.048Z", "dateUpdated": "2024-08-01T20:47:41.128Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "FactoryTalk\u00ae View SE", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<14"}]}], "datePublic": "2024-05-16T14:58:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p>A vulnerability exists in the Rockwell Automation FactoryTalk\u00ae View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in information exposure, revealing sensitive information. Additionally, a threat actor could potentially modify and delete the data in a remote database. An attack would only affect the HMI design time, not runtime. &nbsp; &nbsp;</p><p>&nbsp;</p>\n\n"}], "value": "A vulnerability exists in the Rockwell Automation FactoryTalk\u00ae View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in information exposure, revealing sensitive information. Additionally, a threat actor could potentially modify and delete the data in a remote database. An attack would only affect the HMI design time, not runtime."}], "impacts": [{"capecId": "CAPEC-153", "descriptions": [{"lang": "en", "value": "CAPEC-153 Input Data Manipulation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.8, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-05-16T15:13:45.048Z"}, "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1670.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<ul><li>Corrected in v11,12, 13 and later.</li><li>\n\n<p>Users using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.\u202f\u202f</p><p>&nbsp;</p><ul><li><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a>\u202f\u202f</p></li></ul><p>&nbsp;</p>\n\n<br></li></ul>"}], "value": "*  Corrected in v11,12, 13 and later.\n  *  \n\nUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.\u202f\u202f\n\n\u00a0\n\n  *   Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"}], "source": {"discovery": "INTERNAL"}, "title": "Rockwell Automation Datalog Function within in FactoryTalk\u00ae View SE contains SQL Injection Vulnerability", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-4609", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-24T18:10:40.296727Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:rockwellautomation:factorytalk_view:*:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "factorytalk_view", "versions": [{"status": "affected", "version": "0", "lessThan": "14", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:53:40.228Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:47:41.128Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1670.html", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1670.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:47:41.128Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-4609", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-24T18:10:40.296727Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:rockwellautomation:factorytalk_view:*:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "factorytalk_view", "versions": [{"status": "affected", "version": "0", "lessThan": "14", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-24T18:12:25.674Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "Rockwell Automation Datalog Function within in FactoryTalk\u00ae View SE contains SQL Injection Vulnerability", "source": {"discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-153", "descriptions": [{"lang": "en", "value": "CAPEC-153 Input Data Manipulation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.8, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Rockwell Automation", "product": "FactoryTalk\u00ae View SE", "versions": [{"status": "affected", "version": "<14"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "*  Corrected in v11,12, 13 and later.\n  *  \n\nUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.\u202f\u202f\n\n\u00a0\n\n  *   Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight", "supportingMedia": [{"type": "text/html", "value": "<ul><li>Corrected in v11,12, 13 and later.</li><li>\n\n<p>Users using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.\u202f\u202f</p><p>&nbsp;</p><ul><li><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a>\u202f\u202f</p></li></ul><p>&nbsp;</p>\n\n<br></li></ul>", "base64": false}]}], "datePublic": "2024-05-16T14:58:00.000Z", "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1670.html"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A vulnerability exists in the Rockwell Automation FactoryTalk\u00ae View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in information exposure, revealing sensitive information. Additionally, a threat actor could potentially modify and delete the data in a remote database. An attack would only affect the HMI design time, not runtime.", "supportingMedia": [{"type": "text/html", "value": "\n\n<p>A vulnerability exists in the Rockwell Automation FactoryTalk\u00ae View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in information exposure, revealing sensitive information. Additionally, a threat actor could potentially modify and delete the data in a remote database. An attack would only affect the HMI design time, not runtime. &nbsp; &nbsp;</p><p>&nbsp;</p>\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-05-16T15:13:45.048Z"}}}, "cveMetadata": {"cveId": "CVE-2024-4609", "state": "PUBLISHED", "dateUpdated": "2024-08-01T20:47:41.128Z", "dateReserved": "2024-05-07T14:56:25.894Z", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "datePublished": "2024-05-16T15:13:45.048Z", "assignerShortName": "Rockwell"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_view:*:*:*:*:se:*:*:*", "matchCriteriaId": "0CBD02EA-5D80-4A57-8F55-886C13277815", "versionEndExcluding": "11.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability exists in the Rockwell Automation FactoryTalk\u00ae View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in information exposure, revealing sensitive information. Additionally, a threat actor could potentially modify and delete the data in a remote database. An attack would only affect the HMI design time, not runtime."}, {"lang": "es", "value": " Existe una vulnerabilidad en la funci\u00f3n FactoryTalk\u00ae View SE Datalog de Rockwell Automation que podr\u00eda permitir que un actor malicioso inyecte una declaraci\u00f3n SQL maliciosa si la base de datos SQL no tiene autenticaci\u00f3n implementada o si se robaron credenciales leg\u00edtimas. Si se explota, el ataque podr\u00eda dar como resultado la exposici\u00f3n de informaci\u00f3n, revelando informaci\u00f3n confidencial. Adem\u00e1s, un actor malicioso podr\u00eda modificar y eliminar los datos de una base de datos remota. Un ataque s\u00f3lo afectar\u00eda el tiempo de dise\u00f1o de la HMI, no el tiempo de ejecuci\u00f3n."}], "id": "CVE-2024-4609", "lastModified": "2025-01-30T15:50:28.557", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "LOW", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "LOW"}, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}, "published": "2024-05-16T16:15:10.750", "references": [{"source": "PSIRT@rockwellautomation.com", "tags": ["Vendor Advisory"], "url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1670.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1670.html"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}