CVE-2023-2072

The Rockwell Automation PowerMonitor 1000 contains stored cross-site scripting vulnerabilities within the web page of the product. The vulnerable pages do not require privileges to access and can be injected with code by an attacker which could be used to leverage an attack on an authenticated user resulting in remote code execution and potentially the complete loss of confidentiality, integrity, and availability of the product.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139761	Permissions Required Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:h:rockwellautomation:powermonitor_1000:-:*:*:*:*:*:*:*

cpe:2.3:o:rockwellautomation:powermonitor_1000_firmware:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2023-07-11 14:15

Updated : 2023-07-18 21:02

NVD link : CVE-2023-2072

Mitre link : CVE-2023-2072

CVE.ORG link : CVE-2023-2072

JSON object : View

Products Affected

rockwellautomation

powermonitor_1000
powermonitor_1000_firmware

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-787

Out-of-bounds Write

{"id": "CVE-2023-2072", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "PSIRT@rockwellautomation.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-07-11T14:15:09.403", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139761", "tags": ["Permissions Required", "Vendor Advisory"], "source": "PSIRT@rockwellautomation.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Secondary", "source": "PSIRT@rockwellautomation.com", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "The Rockwell Automation PowerMonitor 1000 contains stored cross-site scripting vulnerabilities within the web page of the product. \u00a0The vulnerable pages do not require privileges to access and can be injected with code by an attacker which could be used to leverage an attack on an authenticated user resulting in remote code execution and potentially the complete loss of confidentiality, integrity, and availability of the product.\n\n\n"}], "lastModified": "2023-07-18T21:02:57.793", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:powermonitor_1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "882E9A4B-4CBB-40B5-B411-CDF3C33B1156"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:powermonitor_1000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C04FB15-DF14-4CD3-B2F3-27463AF3C900"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "PSIRT@rockwellautomation.com"}