CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-27476

A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.7%

CVSS Severity

CVSS v3 Score 10.0

CVSS v2 Score 7.5

References

Products affected by CVE-2021-27476

Rockwellautomation » Factorytalk Assetcentre » Version: N/A

cpe:2.3:a:rockwellautomation:factorytalk_assetcentre:-
Rockwellautomation » Factorytalk Assetcentre » Version: 10.00

cpe:2.3:a:rockwellautomation:factorytalk_assetcentre:10.00
Rockwellautomation » Factorytalk Assetcentre » Version: 5.00.00

cpe:2.3:a:rockwellautomation:factorytalk_assetcentre:5.00.00
Rockwellautomation » Factorytalk Assetcentre » Version: 6.00.00

cpe:2.3:a:rockwellautomation:factorytalk_assetcentre:6.00.00
Rockwellautomation » Factorytalk Assetcentre » Version: 6.10.00

cpe:2.3:a:rockwellautomation:factorytalk_assetcentre:6.10.00
Rockwellautomation » Factorytalk Assetcentre » Version: 7.00.00

cpe:2.3:a:rockwellautomation:factorytalk_assetcentre:7.00.00
Rockwellautomation » Factorytalk Assetcentre » Version: 7.10.01

cpe:2.3:a:rockwellautomation:factorytalk_assetcentre:7.10.01
Rockwellautomation » Factorytalk Assetcentre » Version: 8.00.00

cpe:2.3:a:rockwellautomation:factorytalk_assetcentre:8.00.00
Rockwellautomation » Factorytalk Assetcentre » Version: 9.00.00

cpe:2.3:a:rockwellautomation:factorytalk_assetcentre:9.00.00

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-27476

Products

Pricing

Contact Us