Filtered by vendor Rockwellautomation
Subscriptions
Filtered by product Pavilion8
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-29463 | 1 Rockwellautomation | 1 Pavilion8 | 2024-11-21 | 8.8 High |
The JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. If exploited, a malicious user could potentially retrieve other application users’ session data and or log users out of their session. | ||||
CVE-2024-7960 | 1 Rockwellautomation | 1 Pavilion8 | 2024-09-19 | 9.1 Critical |
The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. The vulnerability exists due to having an incorrect privilege matrix that allows users to have access to functions they should not. | ||||
CVE-2024-7961 | 1 Rockwellautomation | 1 Pavilion8 | 2024-09-19 | 9.8 Critical |
A path traversal vulnerability exists in the Rockwell Automation affected product. If exploited, the threat actor could upload arbitrary files to the server that could result in a remote code execution. |
Page 1 of 1.