exploitDog

CVE-2022-38744

Опубликовано: 27 окт. 2022

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

An unauthenticated attacker with network access to a victim's Rockwell Automation FactoryTalk Alarm and Events service could open a connection, causing the service to fault and become unavailable. The affected port could be used as a server ping port and uses messages structured with XML.

Ссылки

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1136876
Permissions Required
Vendor Advisory
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1136876
Permissions Required
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:rockwellautomation:factorytalk_alarms_and_events:-:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00375

Низкий

7.5 High

CVSS3

Дефекты

CWE-287

CWE-287

Связанные уязвимости

GHSA-3cc5-pgvq-wh26

CVSS3: 7.5

github

больше 3 лет назад

An unauthenticated attacker with network access to a victim's Rockwell Automation FactoryTalk Alarm and Events service could open a connection, causing the service to fault and become unavailable. The affected port could be used as a server ping port and uses messages structured with XML.

EPSS

Процентиль: 59%

0.00375

Низкий

7.5 High

CVSS3

Дефекты

CWE-287

CWE-287