Vulnerability Details CVE-2023-29024
A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product
A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.7%
CVSS Severity
CVSS v3 Score 5.5
References
Products affected by CVE-2023-29024
-
cpe:2.3:h:rockwellautomation:armorstart_st_281e:-
-
cpe:2.3:h:rockwellautomation:armorstart_st_284ee:-
-
cpe:2.3:o:rockwellautomation:armorstart_st_281e_firmware:-
-
cpe:2.3:o:rockwellautomation:armorstart_st_284ee_firmware:-