VAR-202104-1943
Vulnerability from variot - Updated: 2023-12-18 12:35Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all functions relating to IIS remoting services. This vulnerability may allow a remote, unauthenticated attacker to modify sensitive data in FactoryTalk AssetCentre. Rockwell Automation Provided by the company FactoryTalk AssetCentre The following multiple vulnerabilities exist in. * Deserialize untrusted data (CWE-502) - CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 , CVE-2021-27460 ‥ * Use of potentially dangerous functions (CWE-676) - CVE-2021-27474 ‥ * OS Command injection (CWE-78) - CVE-2021-27476 ‥ * SQL injection (CWE-89) - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464The expected impact depends on each vulnerability, but it may be affected as follows. * Arbitrary command executed by an unauthenticated remote third party - CVE-2021-27476 , CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Confidential data is changed - CVE-2021-27474 ‥ * Any by an unauthenticated remote third party SQL The statement is executed - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Accessed to main server and all agent machines - CVE-2021-27460. Rockwell Automation FactoryTalk AssetCentre is an asset management software tool launched by Rockwell Automation, USA, which can be used by manufacturers and industrial enterprises for centralized management of controllers and other automation-related assets. Provides centralized tools to secure, manage, version control, track and report automation-related asset information across the factory FactoryTalk AssetCentre has a security vulnerability that stems from not properly restricting all functions related to IIS Remote Services Attackers This vulnerability could be exploited to modify sensitive data in FactoryTalk Asset Center
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202104-1943",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "factorytalk assetcentre",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "10.00"
},
{
"model": "factorytalk asset centre",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": "factorytalk asset centre",
"scope": "lte",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "v10.00 and earlier"
},
{
"model": "automation factorytalk assetcentre",
"scope": "lte",
"trust": 0.6,
"vendor": "rockwell",
"version": "\u003c=10.00"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-26403"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001308"
},
{
"db": "NVD",
"id": "CVE-2021-27474"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:factorytalk_assetcentre:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.00",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27474"
}
]
},
"cve": "CVE-2021-27474",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-26403",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-386741",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ics-cert@hq.dhs.gov",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.8,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 10,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2021-001308",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-27474",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ics-cert@hq.dhs.gov",
"id": "CVE-2021-27474",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "IPA",
"id": "JVNDB-2021-001308",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2021-26403",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-057",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-386741",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-26403"
},
{
"db": "VULHUB",
"id": "VHN-386741"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001308"
},
{
"db": "NVD",
"id": "CVE-2021-27474"
},
{
"db": "NVD",
"id": "CVE-2021-27474"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-057"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all functions relating to IIS remoting services. This vulnerability may allow a remote, unauthenticated attacker to modify sensitive data in FactoryTalk AssetCentre. Rockwell Automation Provided by the company FactoryTalk AssetCentre The following multiple vulnerabilities exist in. * Deserialize untrusted data (CWE-502) - CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 , CVE-2021-27460 \u2025 * Use of potentially dangerous functions (CWE-676) - CVE-2021-27474 \u2025 * OS Command injection (CWE-78) - CVE-2021-27476 \u2025 * SQL injection (CWE-89) - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464The expected impact depends on each vulnerability, but it may be affected as follows. * Arbitrary command executed by an unauthenticated remote third party - CVE-2021-27476 , CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 \u2025 * By an unauthenticated remote third party FactoryTalk AssetCentre Confidential data is changed - CVE-2021-27474 \u2025 * Any by an unauthenticated remote third party SQL The statement is executed - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464 \u2025 * By an unauthenticated remote third party FactoryTalk AssetCentre Accessed to main server and all agent machines - CVE-2021-27460. Rockwell Automation FactoryTalk AssetCentre is an asset management software tool launched by Rockwell Automation, USA, which can be used by manufacturers and industrial enterprises for centralized management of controllers and other automation-related assets. Provides centralized tools to secure, manage, version control, track and report automation-related asset information across the factory FactoryTalk AssetCentre has a security vulnerability that stems from not properly restricting all functions related to IIS Remote Services Attackers This vulnerability could be exploited to modify sensitive data in FactoryTalk Asset Center",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27474"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001308"
},
{
"db": "CNVD",
"id": "CNVD-2021-26403"
},
{
"db": "VULHUB",
"id": "VHN-386741"
},
{
"db": "VULMON",
"id": "CVE-2021-27474"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-27474",
"trust": 3.2
},
{
"db": "ICS CERT",
"id": "ICSA-21-091-01",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVNVU93112256",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001308",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202104-057",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2021-26403",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1134",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-386741",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-27474",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-26403"
},
{
"db": "VULHUB",
"id": "VHN-386741"
},
{
"db": "VULMON",
"id": "CVE-2021-27474"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001308"
},
{
"db": "NVD",
"id": "CVE-2021-27474"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-057"
}
]
},
"id": "VAR-202104-1943",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-26403"
},
{
"db": "VULHUB",
"id": "VHN-386741"
}
],
"trust": 1.57121212
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-26403"
}
]
},
"last_update_date": "2023-12-18T12:35:05.663000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "QA46277 (Login required)",
"trust": 0.8,
"url": "https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?relaystate=rpid%3drockwellautomation.custhelp.com%26relaystate%3danswers%2fanswer_view%2fa_id%2f1130831"
},
{
"title": "Patch for Rockwell Automation FactoryTalk AssetCentre has unspecified vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/257321"
},
{
"title": "Rockwell Automation FactoryTalk AssetCentre Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146151"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-26403"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001308"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-057"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "Deserialization of untrusted data (CWE-502) [IPA Evaluation ]",
"trust": 0.8
},
{
"problemtype": " Use of potentially dangerous functions (CWE-676) [IPA Evaluation ]",
"trust": 0.8
},
{
"problemtype": "OS Command injection (CWE-78) [IPA Evaluation ]",
"trust": 0.8
},
{
"problemtype": "SQL injection (CWE-89) [IPA Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-001308"
},
{
"db": "NVD",
"id": "CVE-2021-27474"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-091-01"
},
{
"trust": 1.7,
"url": "https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?relaystate=rpid%3drockwellautomation.custhelp.com%26relaystate%3danswers%2fanswer_view%2fa_id%2f1130831"
},
{
"trust": 1.7,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-091-01"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu93112256"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-27474/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1134"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199262"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-26403"
},
{
"db": "VULHUB",
"id": "VHN-386741"
},
{
"db": "VULMON",
"id": "CVE-2021-27474"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001308"
},
{
"db": "NVD",
"id": "CVE-2021-27474"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-057"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-26403"
},
{
"db": "VULHUB",
"id": "VHN-386741"
},
{
"db": "VULMON",
"id": "CVE-2021-27474"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001308"
},
{
"db": "NVD",
"id": "CVE-2021-27474"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-057"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-26403"
},
{
"date": "2022-03-23T00:00:00",
"db": "VULHUB",
"id": "VHN-386741"
},
{
"date": "2021-04-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-001308"
},
{
"date": "2022-03-23T20:15:09.207000",
"db": "NVD",
"id": "CVE-2021-27474"
},
{
"date": "2021-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-057"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-26403"
},
{
"date": "2022-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-386741"
},
{
"date": "2021-04-05T06:09:00",
"db": "JVNDB",
"id": "JVNDB-2021-001308"
},
{
"date": "2022-07-29T13:58:59.930000",
"db": "NVD",
"id": "CVE-2021-27474"
},
{
"date": "2022-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-057"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-057"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rockwell\u00a0Automation\u00a0 Made \u00a0FactoryTalk\u00a0AssetCentre\u00a0 Multiple vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-001308"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-057"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…