var-202401-1419
Vulnerability from variot
A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a malicious user could potentially retrieve user information and modify settings without any authentication
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202401-1419", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "factorytalk services platform", scope: "lte", trust: 1, vendor: "rockwellautomation", version: "6.31.00", }, { model: "factorytalk services platform", scope: "eq", trust: 0.8, vendor: "rockwell automation", version: null, }, { model: "factorytalk services platform", scope: "lte", trust: 0.8, vendor: "rockwell automation", version: "6.31.00 and earlier", }, { model: "factorytalk services platform", scope: null, trust: 0.8, vendor: "rockwell automation", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2024-002283", }, { db: "NVD", id: "CVE-2024-21917", }, ], }, cve: "CVE-2024-21917", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2024-21917", impactScore: 5.2, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "PSIRT@rockwellautomation.com", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2024-21917", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 9.1, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2024-21917", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2024-21917", trust: 1, value: "CRITICAL", }, { author: "PSIRT@rockwellautomation.com", id: "CVE-2024-21917", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2024-21917", trust: 0.8, value: "Critical", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2024-002283", }, { db: "NVD", id: "CVE-2024-21917", }, { db: "NVD", id: "CVE-2024-21917", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "\nA vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a malicious user could potentially retrieve user information and modify settings without any authentication", sources: [ { db: "NVD", id: "CVE-2024-21917", }, { db: "JVNDB", id: "JVNDB-2024-002283", }, { db: "VULMON", id: "CVE-2024-21917", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2024-21917", trust: 2.7, }, { db: "ICS CERT", id: "ICSA-24-030-06", trust: 0.9, }, { db: "JVN", id: "JVNVU99327679", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2024-002283", trust: 0.8, }, { db: "VULMON", id: "CVE-2024-21917", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2024-21917", }, { db: "JVNDB", id: "JVNDB-2024-002283", }, { db: "NVD", id: "CVE-2024-21917", }, ], }, id: "VAR-202401-1419", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.4717742, }, last_update_date: "2024-08-14T14:54:18.363000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-347", trust: 1, }, { problemtype: "Improper verification of digital signatures (CWE-347) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2024-002283", }, { db: "NVD", id: "CVE-2024-21917", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.9, url: "https://www.rockwellautomation.com/en-us/support/advisory.sd1660.html", }, { trust: 0.9, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-06", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu99327679/", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2024-21917", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2024-21917", }, { db: "JVNDB", id: "JVNDB-2024-002283", }, { db: "NVD", id: "CVE-2024-21917", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2024-21917", }, { db: "JVNDB", id: "JVNDB-2024-002283", }, { db: "NVD", id: "CVE-2024-21917", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-01-31T00:00:00", db: "VULMON", id: "CVE-2024-21917", }, { date: "2024-02-13T00:00:00", db: "JVNDB", id: "JVNDB-2024-002283", }, { date: "2024-01-31T19:15:08.633000", db: "NVD", id: "CVE-2024-21917", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-01-31T00:00:00", db: "VULMON", id: "CVE-2024-21917", }, { date: "2024-02-13T02:23:00", db: "JVNDB", id: "JVNDB-2024-002283", }, { date: "2024-02-08T01:29:32.367000", db: "NVD", id: "CVE-2024-21917", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Rockwell Automation of FactoryTalk Services Platform Digital Signature Verification Vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2024-002283", }, ], trust: 0.8, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.