- Description
- Rockwell Automation FactoryTalk View Site Edition insufficiently validates user input, which could potentially allow threat actors to send malicious data bringing the product offline. If exploited, the product would become unavailable and require a restart to recover resulting in a denial-of-service condition.
- Source
- PSIRT@rockwellautomation.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_view:*:*:*:*:site_edition:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6E450A8-F513-496F-A9D6-059A0987F543",
"versionEndIncluding": "13.0",
"versionStartIncluding": "11.0"
}
],
"operator": "OR"
}
]
}
]