Skip to main content

Pavilion8

5 CVEs product

Monthly

CVE-2024-7961 HIGH This Week

A path traversal vulnerability exists in the Rockwell Automation affected product. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal Rockwell Pavilion8
NVD
CVSS 4.0
8.6
EPSS
1.0%
CVE-2024-7960 HIGH This Week

The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Rockwell Pavilion8
NVD
CVSS 4.0
8.8
EPSS
0.5%
CVE-2024-40620 MEDIUM This Month

CVE-2024-40620 IMPACT A vulnerability exists in the affected product due to lack of encryption of sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Pavilion8
NVD
CVSS 4.0
5.3
EPSS
0.2%
CVE-2024-6435 HIGH This Week

A privilege escalation vulnerability exists in the affected products which could allow a malicious user with basic privileges to access functions which should only be available to users with. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Pavilion8
NVD
CVSS 4.0
8.7
EPSS
0.5%
CVE-2023-29463 MEDIUM This Month

The JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Rockwell Authentication Bypass Pavilion8
NVD
CVSS 3.1
5.4
EPSS
0.8%
EPSS 1% CVSS 8.6
HIGH This Week

A path traversal vulnerability exists in the Rockwell Automation affected product. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal Rockwell +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Rockwell Pavilion8
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

CVE-2024-40620 IMPACT A vulnerability exists in the affected product due to lack of encryption of sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Pavilion8
NVD
EPSS 0% CVSS 8.7
HIGH This Week

A privilege escalation vulnerability exists in the affected products which could allow a malicious user with basic privileges to access functions which should only be available to users with. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Pavilion8
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

The JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Rockwell Authentication Bypass Pavilion8
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy