Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Thinmanager
(Rockwellautomation)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-06-25 | CVE-2024-5989 | Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell Automation ThinManager® ThinServer™. | Thinmanager, Thinserver | 9.8 | ||
| 2024-06-25 | CVE-2024-5990 | Due to an improper input validation, an unauthenticated threat actor can send a malicious message to a monitor thread within Rockwell Automation ThinServer™ and cause a denial-of-service condition on the affected device. | Thinmanager, Thinserver | 7.5 | ||
| 2024-10-25 | CVE-2024-10386 | CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in database manipulation. | Thinmanager | 9.8 | ||
| 2024-10-25 | CVE-2024-10387 | CVE-2024-10387 IMPACT A Denial-of-Service vulnerability exists in the affected product. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in Denial-of-Service. | Thinmanager | 7.5 | ||
| 2024-09-12 | CVE-2024-45826 | CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. If exploited, a user can install an executable file. | Thinmanager | 8.8 |