cve-2024-10387
Vulnerability from cvelistv5
Published
2024-10-25 17:04
Modified
2024-10-25 20:14
Severity
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS score
Summary
Rockwell Automation FactoryTalk ThinManager Denial-of-Service Vulnerability
References
Impacted products
Vendor | Product | Version
---|---|---
Rockwell Automation | FactoryTalk ThinManager | 11.2.0-11.2.9, 12.0.0-12.0.7, 12.1.0-12.1.8, 13.0.0-13.0.5, 13.1.0-13.1.3, 13.2.0-13.2.2, 14.0.0
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "thinmanager", "vendor": "rockwellautomation", "versions": [ { "lessThanOrEqual": "11.2.9", "status": "affected", "version": "11.2.0", "versionType": "custom" }, { "lessThanOrEqual": "12.0.7", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.8", "status": "affected", "version": "12.1.0", "versionType": "custom" }, { "lessThanOrEqual": "13.0.5", "status": "affected", "version": "13.0.0", "versionType": "custom" }, { "lessThanOrEqual": "13.1.3", "status": "affected", "version": "13.1.0", "versionType": "custom" }, { "lessThanOrEqual": "13.2.2", "status": "affected", "version": "13.2.0", "versionType": "custom" }, { "status": "affected", "version": "14.0.0" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-10387", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-25T20:10:20.475990Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-25T20:14:03.121Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "FactoryTalk ThinManager", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "11.2.0-11.2.9" }, { "status": "affected", "version": "12.0.0-12.0.7" }, { "status": "affected", "version": "12.1.0-12.1.8" }, { "status": "affected", "version": "13.0.0-13.0.5" }, { "status": "affected", "version": "13.1.0-13.1.3" }, { "status": "affected", "version": "13.2.0-13.2.2" }, { "status": "affected", "version": "14.0.0" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "value": "Tenable Network Security" } ], "datePublic": "2024-10-25T17:00:00.000Z", 
"descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003e\u003cb\u003e\u003cu\u003eCVE-2024-10387 IMPACT\u003c/u\u003e\u003c/b\u003e\u003cu\u003e\u003c/u\u003e\u003c/p\u003e\n\n\u003cp\u003eA Denial-of-Service\nvulnerability exists in the affected product. The vulnerability could allow a\nthreat actor with network access to send crafted messages to the device,\npotentially resulting in Denial-of-Service.\u003c/p\u003e" } ], "value": "CVE-2024-10387 IMPACT\n\n\n\nA Denial-of-Service\nvulnerability exists in the affected product. The vulnerability could allow a\nthreat actor with network access to send crafted messages to the device,\npotentially resulting in Denial-of-Service." } ], "impacts": [ { "capecId": "CAPEC-129", "descriptions": [ { "lang": "en", "value": "CAPEC-129 Pointer Manipulation" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-25T17:04:36.334Z", "orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell" }, "references": [ { "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1708.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: var(--wht);\"\u003eIf able,\nnavigate to the \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/\"\u003eThinManager\u00ae download site\u003c/a\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e and upgrade to a corrected version of ThinManager\u00ae\u003c/span\u003e\n\n\u003cbr\u003e\u003cbr\u003e\u003cp\u003e11.2.10\u003cbr\u003e\n\u003c/p\u003e\n\n\u003cp\u003e12.0.8\u003cbr\u003e\n\u003c/p\u003e\n\n\u003cp\u003e12.1.9\u003cbr\u003e\n\u003c/p\u003e\n\n\u003cp\u003e13.0.6 \u003c/p\u003e\n\n\n\n\u003cp\u003e13.1.4 \u003c/p\u003e\n\n\n\n\u003cp\u003e13.2.3 \u003c/p\u003e\n\n\n\n\u003cp\u003e14.0.1\u003c/p\u003e\n\n\n\n\n\n\n\n\u003cbr\u003e" } ], "value": "If able,\nnavigate to the ThinManager\u00ae download site https://thinmanager.com/downloads/ and upgrade to a corrected version of ThinManager\u00ae\n\n\n\n11.2.10\n\n\n\n\n\n12.0.8\n\n\n\n\n\n12.1.9\n\n\n\n\n\n13.0.6 \n\n\n\n\n\n13.1.4 \n\n\n\n\n\n13.2.3 \n\n\n\n\n\n14.0.1" } ], "source": { "discovery": "EXTERNAL" }, "title": "Rockwell Automation FactoryTalk ThinManager Denial-of-Service Vulnerability", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003e\u003cspan style=\"background-color: 
var(--wht);\"\u003eIf able,\nnavigate to the \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/\"\u003eThinManager\u00ae download site\u003c/a\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e and upgrade to a corrected version of ThinManager\u00ae\u003c/span\u003e\u003c/p\u003e\u003cp\u003eImplement\nnetwork hardening for ThinManager\u00ae Device(s) by limiting communications to TCP\n2031 to only the devices that need connection to the ThinManager\u00ae\u003c/p\u003e\n\n\n\n\u003cp\u003eFor\ninformation on how to mitigate Security Risks on industrial automation control\nsystems, we encourage customers to implement our suggested \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003esecurity best\npractices\u003c/a\u003e to\nminimize the risk of the vulnerability.\u003c/p\u003e" } ], "value": "If able,\nnavigate to the ThinManager\u00ae download site https://thinmanager.com/downloads/ and upgrade to a corrected version of ThinManager\u00ae\n\nImplement\nnetwork hardening for ThinManager\u00ae Device(s) by limiting communications to TCP\n2031 to only the devices that need connection to the ThinManager\u00ae\n\n\n\n\n\nFor\ninformation on how to mitigate Security Risks on industrial automation control\nsystems, we encourage customers to implement our suggested security best\npractices to\nminimize the risk of the vulnerability." 
} ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "assignerShortName": "Rockwell", "cveId": "CVE-2024-10387", "datePublished": "2024-10-25T17:04:36.334Z", "dateReserved": "2024-10-25T12:38:30.428Z", "dateUpdated": "2024-10-25T20:14:03.121Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-10387\",\"sourceIdentifier\":\"PSIRT@rockwellautomation.com\",\"published\":\"2024-10-25T17:15:04.230\",\"lastModified\":\"2024-11-05T20:05:55.323\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"CVE-2024-10387 IMPACT\\n\\n\\n\\nA Denial-of-Service\\nvulnerability exists in the affected product. The vulnerability could allow a\\nthreat actor with network access to send crafted messages to the device,\\npotentially resulting in Denial-of-Service.\"},{\"lang\":\"es\",\"value\":\"CVE-2024-10387 IMPACTO Existe una vulnerabilidad de denegaci\u00f3n de servicio en el producto afectado. 
La vulnerabilidad podr\u00eda permitir que un actor de amenazas con acceso a la red env\u00ede mensajes manipulados al dispositivo, lo que podr\u00eda provocar una denegaci\u00f3n de servicio.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"PSIRT@rockwellautomation.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnerableSystemConfidentiality\":\"NONE\",\"vulnerableSystemIntegrity\":\"NONE\",\"vulnerableSystemAvailability\":\"HIGH\",\"subsequentSystemConfidentiality\":\"NONE\",\"subsequentSystemIntegrity\":\"NONE\",\"subsequentSystemAvailability\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirements\":\"NOT_DEFINED\",\"integrityRequirements\":\"NOT_DEFINED\",\"availabilityRequirements\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnerableSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedVulnerableSystemIntegrity\":\"NOT_DEFINED\",\"modifiedVulnerableSystemAvailability\":\"NOT_DEFINED\",\"modifiedSubsequentSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedSubsequentSystemIntegrity\":\"NOT_DEFINED\",\"modifiedSubsequentSystemAvailability\":\"NOT_DEFINED\",\"safety\":\"NOT_DEFINED\",\"automatable\":\"NOT_DEFINED\",\"recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"PSIRT@rockwellautomation.com\",\"type\":\"Second
ary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"PSIRT@rockwellautomation.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.2.0\",\"versionEndExcluding\":\"11.2.10\",\"matchCriteriaId\":\"AC6CF373-34C9-43AC-B210-2E7C31CEAEFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndExcluding\":\"12.0.8\",\"matchCriteriaId\":\"9EAE9FF9-28B3-4490-8358-A3636FFDC9C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndExcluding\":\"12.1.9\",\"matchCriteriaId\":\"667ACE9F-6074-4300-A90A-5C6F8A06B76A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:
a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.0.0\",\"versionEndExcluding\":\"13.0.6\",\"matchCriteriaId\":\"C56E6406-256A-4774-9FDD-E72625D4B1AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.4\",\"matchCriteriaId\":\"0305A358-81AA-468A-951D-98EE0C60695C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.2.0\",\"versionEndIncluding\":\"13.2.3\",\"matchCriteriaId\":\"4B920868-E568-44A7-9F68-B3D615956E12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rockwellautomation:thinmanager:14.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48214ABF-9E29-4422-A0E6-6AF4AE199D51\"}]}]}],\"references\":[{\"url\":\"https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1708.html\",\"source\":\"PSIRT@rockwellautomation.com\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.