CVE-2024-45823 IMPACT
An
authentication bypass vulnerability exists in the affected product. The
vulnerability exists due to shared secrets across accounts and could allow a threat
actor to impersonate a user if the threat actor is able to enumerate additional
information required during authentication.
Metrics
Affected Vendors & Products
References
History
Wed, 02 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:rockwellautomation:factorytalk_batch_view:2.01.00:*:*:*:*:*:*:* |
Thu, 12 Sep 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Rockwellautomation
Rockwellautomation factorytalk Batch View |
|
CPEs | cpe:2.3:a:rockwellautomation:factorytalk_batch_view:*:*:*:*:*:*:*:* | |
Vendors & Products |
Rockwellautomation
Rockwellautomation factorytalk Batch View |
|
Metrics |
ssvc
|
Thu, 12 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | CVE-2024-45823 IMPACT An authentication bypass vulnerability exists in the affected product. The vulnerability exists due to shared secrets across accounts and could allow a threat actor to impersonate a user if the threat actor is able to enumerate additional information required during authentication. | |
Title | FactoryTalk® Batch View™ Authentication Bypass Vulnerability via shared secrets | |
Weaknesses | CWE-287 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Rockwell
Published: 2024-09-12T14:20:49.164Z
Updated: 2024-09-12T15:09:32.171Z
Reserved: 2024-09-09T19:33:02.444Z
Link: CVE-2024-45823
Vulnrichment
Updated: 2024-09-12T15:09:28.815Z
NVD
Status : Analyzed
Published: 2024-09-12T15:18:22.547
Modified: 2024-10-02T14:49:59.157
Link: CVE-2024-45823
Redhat
No data.