Vulnerability Description
A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rockwellautomation | Armorstart St 284Ee Firmware | - |
| Rockwellautomation | Armorstart St 284Ee | - |
| Rockwellautomation | Armorstart St 281E Firmware | - |
| Rockwellautomation | Armorstart St 281E | - |
Related Weaknesses (CWE)
References
- https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438Vendor Advisory
- https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438Vendor Advisory
FAQ
What is CVE-2023-29023?
CVE-2023-29023 is a vulnerability with a CVSS score of 7.0 (HIGH). A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page...
How severe is CVE-2023-29023?
CVE-2023-29023 has been rated HIGH with a CVSS base score of 7.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-29023?
Check the references section above for vendor advisories and patch information. Affected products include: Rockwellautomation Armorstart St 284Ee Firmware, Rockwellautomation Armorstart St 284Ee, Rockwellautomation Armorstart St 281E Firmware, Rockwellautomation Armorstart St 281E.