CVE-2023-46290

Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if the authorized user did not previously log in into the FactoryTalk® Services Platform web service.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141165	Permissions Required Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:rockwellautomation:factorytalk_services_platform:*:*:*:*:*:*:*:*

History

07 Nov 2023, 19:09

Type	Values Removed	Values Added
CWE		CWE-287
First Time		Rockwellautomation factorytalk Services Platform Rockwellautomation
CPE		cpe:2.3:a:rockwellautomation:factorytalk_services_platform::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.1
References	~~(MISC) https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141165 -~~	(MISC) https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141165 - Permissions Required, Vendor Advisory

27 Oct 2023, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-10-27 19:15

Updated : 2023-12-10 15:14

NVD link : CVE-2023-46290

Mitre link : CVE-2023-46290

CVE.ORG link : CVE-2023-46290

JSON object : View

Products Affected

rockwellautomation

factorytalk_services_platform

CWE

CWE-287

Improper Authentication

{"id": "CVE-2023-46290", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "PSIRT@rockwellautomation.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2023-10-27T19:15:41.560", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141165", "tags": ["Permissions Required", "Vendor Advisory"], "source": "PSIRT@rockwellautomation.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}, {"type": "Secondary", "source": "PSIRT@rockwellautomation.com", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "\nDue to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk\u00ae Services Platform web service and then use the token to log in into FactoryTalk\u00ae Services Platform . This vulnerability can only be exploited if the authorized user did not previously log in into the FactoryTalk\u00ae Services Platform web service.\n\n"}, {"lang": "es", "value": "Debido a una l\u00f3gica de c\u00f3digo inadecuada, un actor de amenazas no autenticado previamente podr\u00eda obtener un token de usuario del sistema operativo Windows local a trav\u00e9s del servicio web FactoryTalk\u00ae Services Platform y luego usar el token para iniciar sesi\u00f3n en FactoryTalk\u00ae Services Platform. Esta vulnerabilidad solo se puede aprovechar si el usuario autorizado no inici\u00f3 sesi\u00f3n previamente en el servicio web FactoryTalk\u00ae Services Platform."}], "lastModified": "2023-11-07T19:09:56.033", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_services_platform:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86F8AE4A-2067-4989-BED5-B4CB8A03E8BB", "versionEndExcluding": "2.80"}], "operator": "OR"}]}], "sourceIdentifier": "PSIRT@rockwellautomation.com"}