Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-7960 | 1 Rockwellautomation | 1 Pavilion8 | 2024-09-19 | N/A | 9.1 CRITICAL |
| The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. The vulnerability exists due to having an incorrect privilege matrix that allows users to have access to functions they should not. | |||||
| CVE-2024-7961 | 1 Rockwellautomation | 1 Pavilion8 | 2024-09-19 | N/A | 9.8 CRITICAL |
| A path traversal vulnerability exists in the Rockwell Automation affected product. If exploited, the threat actor could upload arbitrary files to the server that could result in a remote code execution. | |||||
| CVE-2023-29463 | 1 Rockwellautomation | 1 Pavilion8 | 2024-02-28 | N/A | 5.4 MEDIUM |
| The JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. If exploited, a malicious user could potentially retrieve other application users’ session data and or log users out of their session. | |||||