CVE-2024-9412

Improper Authorization Vulnerability in Rockwell Automation Verve® Asset Manager

Description

An improper authorization vulnerability exists in the Rockwell Automation affected products that could allow an unauthorized user to sign in. While removal of all role mappings is unlikely, it could occur in the case of unexpected or accidental removal by the administrator. If exploited, an unauthorized user could access data they previously but should no longer have access to.

INFO

Published Date :

2024-10-08T19:24:41.136Z

Last Modified :

2024-10-08T20:01:06.815Z

Source :

Rockwell

AFFECTED PRODUCTS

The following products are affected by CVE-2024-9412 vulnerability.

Vendors	Products
Rockwellautomation	Verve Asset Manager

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-9412.

URL	Resource
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201704.html

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability