Severity:
High,
Medium
Advisory ID:
PN1622
Published Date:
May 11, 2023
Last Updated:
May 11, 2023
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
CVE IDs
CVE-2023-29030,
CVE-2023-29022,
CVE-2023-29028,
CVE-2023-29027,
CVE-2023-29023,
CVE-2023-29026,
CVE-2023-29029,
CVE-2023-29031,
CVE-2023-29024,
CVE-2023-29025
Summary
ArmorStart® ST 281E, 284EE Vulnerable to Multiple XSS Vulnerabilities
Revision History
Revision Number
1.0
Revision History
Version 1.0 - May 11, 2023
Affected Products
| Affected Product (automated) | First Known in Firmware Revision | Corrected in Firmware Revision |
| ArmorStart® ST 281E | v2.004.06 | N/A |
| ArmorStart® ST 284E | all | N/A |
| ArmorStart® ST 280E | all | N/A |
Vulnerability Details
Rockwell Automation used the latest version of the CVSS scoring system to assess the following vulnerabilities.
CVE-2023-29031 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.
Known Exploited Vulnerability (KEV) database:
CVE-2023-29030 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.
Known Exploited Vulnerability (KEV) database:
CVE-2023-29023 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.
Known Exploited Vulnerability (KEV) database:
CVE-2023-29024 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.
Known Exploited Vulnerability (KEV) database:
CVE-2023-29025 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.
CVE-2023-29026 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.
CVE-2023-29027 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.
CVE-2023-29028 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.
CVE-2023-29029 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.
CVE-2023 29022 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.
Customers can use Stakeholder-Specific Vulnerability Categorization to generate more environment specific prioritization.
CVE-2023-29031 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.
CVSS Base Score: 7.0
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-20 Improper Input ValidationKnown Exploited Vulnerability (KEV) database:
NoCVE-2023-29030 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.
CVSS Base Score: 7.0 (High)
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-20 Improper Input ValidationKnown Exploited Vulnerability (KEV) database:
NoCVE-2023-29023 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.
CVSS Base Score: 7.0 (High)
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-20 Improper Input ValidationKnown Exploited Vulnerability (KEV) database:
NoCVE-2023-29024 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.
CVSS Base Score: 5.5 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
CWE: CWE-20 Improper Input ValidationKnown Exploited Vulnerability (KEV) database:
NoCVE-2023-29025 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.
CVSS Base Score: 4.7 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-20 Improper Input ValidationCVE-2023-29026 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.
CVSS Base Score: 4.7 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-20 Improper Input ValidationCVE-2023-29027 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.
CVSS Base Score: 4.7 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-20 Improper Input ValidationCVE-2023-29028 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.
CVSS Base Score: 4.7 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-20 Improper Input ValidationCVE-2023-29029 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.
CVSS Base Score: 4.7 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-20 Improper Input ValidationCVE-2023 29022 IMPACT
A cross site scripting vulnerability was discovered that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.
CVSS Base Score: 4.7 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-20 Improper Input ValidationCustomers can use Stakeholder-Specific Vulnerability Categorization to generate more environment specific prioritization.
Risk Mitigation & User Action
Customers using the affected software are encouraged to apply the risk mitigations, if possible.
- Disable the webserver during normal use. The webserver is disabled by default and should only be enabled to modify configurations. After modifying configurations, the web server should be disabled.
- For information on how to mitigate Security Risks on industrial automation control systems (IACS) networks see the following publications:
- Additionally, we encourage customer to implement our QA43240 - Recommended Security Guidelines from Rockwell Automation to minimize risk of the vulnerability.
Additional Resources
Copyright ©2022 Rockwell Automation, Inc.