Factorytalk System Services
Monthly
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk® System Service. Rated low severity (CVSS 1.8), this vulnerability is low attack complexity. No vendor patch available.
The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Rockwell Automation's FactoryTalk System Services does not verify that a backup configuration archive is password protected. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk® System Service. Rated low severity (CVSS 1.8), this vulnerability is low attack complexity. No vendor patch available.
The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Rockwell Automation's FactoryTalk System Services does not verify that a backup configuration archive is password protected. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.