Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-40620

CVE-2024-40620 IMPACT A vulnerability exists in the affected product due to lack of encryption of sensitive information. The vulnerability results in data being sent between the Console and the Dashboard without encryption, which can be seen in the logs of proxy servers, potentially impacting the data's confidentiality.

Published

2024-08-14T20:15:12.410

Last Modified

2025-01-31T15:03:56.407

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-311
Type: Primary
CWE-311

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	rockwellautomation	pavilion8	5.20.00	Yes

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201691.html Vendor Advisory ([email protected])