Metrics
Affected Vendors & Products
Solution
Affected Product First Known in software version Corrected in software version ThinManager® ThinServer™ 11.1.0-11.1.7 11.2.0-11.2.8 12.0.0-12.0.6 12.1.0-12.1.7 13.0.0-13.0.4 13.1.0-13.1.2 13.2.0-13.2.1 11.1.8 11.2.9 12.0.7 12.1.8 13.0.5 13.1.3 13.2.2 Mitigations and Workarounds Customers using the affected software are encouraged to implement our suggested security best practices to minimize the risk of vulnerability. · Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight
Workaround
No workaround given by the vendor.
Mon, 26 Aug 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Rockwellautomation
Rockwellautomation thinmanager Thinserver |
|
CPEs | cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:* | |
Vendors & Products |
Rockwellautomation
Rockwellautomation thinmanager Thinserver |
|
Metrics |
cvssV3_1
|
Mon, 26 Aug 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten. | |
Title | ThinManager® ThinServer™ Information Disclosure and Remote Code Execution Vulnerabilities | |
Weaknesses | CWE-20 | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: Rockwell
Published:
Updated: 2024-08-26T17:46:47.107Z
Reserved: 2024-08-19T20:06:27.545Z
Link: CVE-2024-7988

Updated: 2024-08-26T17:46:38.593Z

Status : Awaiting Analysis
Published: 2024-08-26T15:15:09.140
Modified: 2024-08-26T18:35:14.617
Link: CVE-2024-7988

No data.

No data.