CVE-2023-2917

The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability. Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471	Permissions Required
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471	Permissions Required

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:rockwellautomation:thinmanager_thinserver::::::::
	cpe:2.3:a:rockwellautomation:thinmanager_thinserver::::::::
	cpe:2.3:a:rockwellautomation:thinmanager_thinserver::::::::
	cpe:2.3:a:rockwellautomation:thinmanager_thinserver::::::::
	cpe:2.3:a:rockwellautomation:thinmanager_thinserver::::::::
	cpe:2.3:a:rockwellautomation:thinmanager_thinserver::::::::
	cpe:2.3:a:rockwellautomation:thinmanager_thinserver:13.1.0:::::::*

History

No history.

Information

Published : 2023-08-17 16:15

Updated : 2024-11-21 07:59

NVD link : CVE-2023-2917

Mitre link : CVE-2023-2917

CVE.ORG link : CVE-2023-2917

JSON object : View

Products Affected

rockwellautomation

thinmanager_thinserver

CWE

CWE-20

Improper Input Validation

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2023-2917", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "PSIRT@rockwellautomation.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2023-08-17T16:15:09.790", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471", "tags": ["Permissions Required"], "source": "PSIRT@rockwellautomation.com"}, {"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471", "tags": ["Permissions Required"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "PSIRT@rockwellautomation.com", "description": [{"lang": "en", "value": "CWE-20"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability.\u00a0\u00a0Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. \u00a0A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities.\n\n "}], "lastModified": "2024-11-21T07:59:34.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C40EF89-902D-40A0-9460-9C2037CDAF45", "versionEndIncluding": "11.0.6", "versionStartIncluding": "11.0.0"}, {"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCB9F021-2307-4183-A6B8-CAEE88808C92", "versionEndIncluding": "11.1.6", "versionStartIncluding": "11.1.0"}, {"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8C2E2BF-3ABA-4E69-9A8F-4E2AC6C48E2E", "versionEndIncluding": "11.2.7", "versionStartIncluding": "11.2.0"}, {"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66054D47-416A-4194-9B95-AE810924AD94", "versionEndIncluding": "12.0.5", "versionStartIncluding": "12.0.0"}, {"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3AAE89B3-6C25-4DE7-898A-2F8637122B01", "versionEndIncluding": "12.1.6", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5D9F5DA-D66A-4F88-A1C4-E1411715162F", "versionEndIncluding": "13.0.2", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:13.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE7FC8D4-F5EF-45DC-9D95-4CFBC3FE1E3B"}], "operator": "OR"}]}], "sourceIdentifier": "PSIRT@rockwellautomation.com"}