First published: Thu May 11 2023(Updated: )
Rockwell Automation ThinManager product allows the use of medium strength ciphers. If the client requests an insecure cipher, a malicious actor could potentially decrypt traffic sent between the client and server API.
Credit: PSIRT@rockwellautomation.com
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Thinmanager | <=13.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-2443 refers to a vulnerability in the Rockwell Automation ThinManager product that allows the use of medium strength ciphers, potentially enabling a malicious actor to decrypt traffic sent between the client and server API.
CVE-2023-2443 can impact the Rockwell Automation ThinManager product by allowing the use of medium strength ciphers and enabling possible decryption of traffic between the client and server API.
CVE-2023-2443 has a severity rating of 7.5 (high).
To fix CVE-2023-2443, it is recommended to update the Rockwell Automation ThinManager product to a version that addresses the vulnerability.
More information about CVE-2023-2443 can be found at the following link: [https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139442]