An unauthenticated attacker with network access to a victim's Rockwell Automation FactoryTalk Alarm and
Events service could open a connection, causing the service to fault and become unavailable. The affected port
could be used as a server ping port and uses messages structured with XML.
References
Link | Resource |
---|---|
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1136876 | Permissions Required Vendor Advisory |
Configurations
History
No history.
Information
Published : 2022-10-27 14:15
Updated : 2023-11-07 03:50
NVD link : CVE-2022-38744
Mitre link : CVE-2022-38744
CVE.ORG link : CVE-2022-38744
JSON object : View
Products Affected
rockwellautomation
- factorytalk_alarms_and_events
CWE
CWE-287
Improper Authentication