CVE-2023-29030: XSS
First published: Thu May 11 2023(Updated: )
A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.
Credit: PSIRT@rockwellautomation.com PSIRT@rockwellautomation.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Rockwellautomation Armorstart St 284ee Firmware | ||
| Rockwellautomation Armorstart St 284ee | ||
| Rockwellautomation Armorstart St 281e Firmware | ||
| Rockwellautomation Armorstart St 281e | ||
| All of | ||
| Rockwellautomation Armorstart St 284ee Firmware | ||
| Rockwellautomation Armorstart St 284ee | ||
| All of | ||
| Rockwellautomation Armorstart St 281e Firmware | ||
| Rockwellautomation Armorstart St 281e |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this cross-site scripting vulnerability in Rockwell Automation's ArmorStart ST product?
The vulnerability ID for this cross-site scripting vulnerability in Rockwell Automation's ArmorStart ST product is CVE-2023-29030.
What is the severity rating of CVE-2023-29030?
CVE-2023-29030 has a severity rating of 7.1 (high).
What is the affected software for CVE-2023-29030?
The affected software for CVE-2023-29030 includes Rockwell Automation's ArmorStart ST 284ee Firmware and ArmorStart ST 281e Firmware.
How can this vulnerability be exploited?
This vulnerability can be exploited through user interaction, such as a phishing attack.
How can I fix CVE-2023-29030?
To fix CVE-2023-29030, it is recommended to apply any patches or updates provided by Rockwell Automation and to be cautious of phishing attacks.