Vulnerability Details CVE-2023-29023
A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.6%
CVSS Severity
CVSS v3 Score 7.0
References
Products affected by CVE-2023-29023
-
cpe:2.3:h:rockwellautomation:armorstart_st_281e:-
-
cpe:2.3:h:rockwellautomation:armorstart_st_284ee:-
-
cpe:2.3:o:rockwellautomation:armorstart_st_281e_firmware:-
-
cpe:2.3:o:rockwellautomation:armorstart_st_284ee_firmware:-