Unrated severityNVD Advisory· Published Aug 14, 2024· Updated Aug 14, 2024

Rockwell Automation Pavilion8® Unencrypted Data Vulnerability via HTTP protocol

CVE-2024-40620

Description

CVE-2024-40620 IMPACT

A vulnerability exists in the affected product due to lack of encryption of sensitive information. The vulnerability results in data being sent between the Console and the Dashboard without encryption, which can be seen in the logs of proxy servers, potentially impacting the data's confidentiality.

Affected products

Rockwellautomation/Pavilion8cpe-rescue
Range: 5.20

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201691.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000