Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-10386

CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in database manipulation.

Published

2024-10-25T17:15:03.987

Last Modified

2024-11-05T20:07:59.487

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Secondary
CWE-306
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	rockwellautomation	thinmanager	< 11.2.10	Yes
Application	rockwellautomation	thinmanager	< 12.0.8	Yes
Application	rockwellautomation	thinmanager	< 12.1.9	Yes
Application	rockwellautomation	thinmanager	< 13.0.6	Yes
Application	rockwellautomation	thinmanager	< 13.1.4	Yes
Application	rockwellautomation	thinmanager	< 13.2.3	Yes
Application	rockwellautomation	thinmanager	14.0.0	Yes

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1708.html Vendor Advisory ([email protected])