Details of VAR-202104-1945

ID

VAR-202104-1945

CVE

CVE-2021-27468

TITLE

Rockwell Automation Made FactoryTalk AssetCentre Multiple vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2021-001308

DESCRIPTION

The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements. Rockwell Automation Provided by the company FactoryTalk AssetCentre The following multiple vulnerabilities exist in. * Deserialize untrusted data (CWE-502) - CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 , CVE-2021-27460 ‥ * Use of potentially dangerous functions (CWE-676) - CVE-2021-27474 ‥ * OS Command injection (CWE-78) - CVE-2021-27476 ‥ * SQL injection (CWE-89) - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464The expected impact depends on each vulnerability, but it may be affected as follows. * Arbitrary command executed by an unauthenticated remote third party - CVE-2021-27476 , CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Confidential data is changed - CVE-2021-27474 ‥ * Any by an unauthenticated remote third party SQL The statement is executed - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Accessed to main server and all agent machines - CVE-2021-27460. Rockwell Automation FactoryTalk AssetCentre is an asset management software tool launched by Rockwell Automation, USA, which can be used by manufacturers and industrial enterprises for centralized management of controllers and other automation-related assets. Rockwell Automation FactoryTalk AssetCentre has a SQL injection vulnerability. Provides a centralized tool for securing, managing, versioning, tracking and reporting automation-related asset information across a factory

Trust: 2.34

sources: NVD: CVE-2021-27468 // JVNDB: JVNDB-2021-001308 // CNVD: CNVD-2021-26400 // VULHUB: VHN-386735 // VULMON: CVE-2021-27468

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-26400

AFFECTED PRODUCTS

vendor:	rockwellautomation	model:	factorytalk assetcentre	scope:	lte	version:	10.00	Trust: 1.0
vendor:	rockwell automation	model:	factorytalk asset centre	scope:	eq	version:	-	Trust: 0.8
vendor:	rockwell automation	model:	factorytalk asset centre	scope:	lte	version:	v10.00 and earlier	Trust: 0.8
vendor:	rockwell	model:	automation factorytalk assetcentre	scope:	lte	version:	<=10.00	Trust: 0.6

sources: CNVD: CNVD-2021-26400 // JVNDB: JVNDB-2021-001308 // NVD: CVE-2021-27468

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-27468
value:	CRITICAL
Trust: 1.0
ics-cert@hq.dhs.gov:	CVE-2021-27468
value:	CRITICAL
Trust: 1.0
IPA:	JVNDB-2021-001308
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2021-26400
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202104-054
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-386735
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-27468
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
CNVD:	CNVD-2021-26400
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-386735
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-27468
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
ics-cert@hq.dhs.gov:	CVE-2021-27468
baseSeverity:	CRITICAL
baseScore:	10.0
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.8
version:	3.1
Trust: 1.0
IPA:	JVNDB-2021-001308
baseSeverity:	CRITICAL
baseScore:	10
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2021-26400 // VULHUB: VHN-386735 // JVNDB: JVNDB-2021-001308 // CNNVD: CNNVD-202104-054 // NVD: CVE-2021-27468 // NVD: CVE-2021-27468

PROBLEMTYPE DATA

problemtype:	CWE-89	Trust: 1.1
problemtype:	Deserialization of untrusted data (CWE-502) [IPA Evaluation ]	Trust: 0.8
problemtype:	Use of potentially dangerous functions (CWE-676) [IPA Evaluation ]	Trust: 0.8
problemtype:	OS Command injection (CWE-78) [IPA Evaluation ]	Trust: 0.8
problemtype:	SQL injection (CWE-89) [IPA Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-386735 // JVNDB: JVNDB-2021-001308 // NVD: CVE-2021-27468

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202104-054

TYPE

SQL injection

Trust: 0.6

sources: CNNVD: CNNVD-202104-054

PATCH

title:	QA46277 (Login required)	url:	https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F1130831	Trust: 0.8
title:	Patch for Rockwell Automation FactoryTalk AssetCentre SQL injection vulnerability (CNVD-2021-26400)	url:	https://www.cnvd.org.cn/patchInfo/show/257336	Trust: 0.6
title:	Rockwell Automation FactoryTalk AssetCentre SQL Repair measures for injecting vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146608	Trust: 0.6

sources: CNVD: CNVD-2021-26400 // JVNDB: JVNDB-2021-001308 // CNNVD: CNNVD-202104-054

EXTERNAL IDS

db:	NVD	id:	CVE-2021-27468	Trust: 3.2
db:	ICS CERT	id:	ICSA-21-091-01	Trust: 3.1
db:	JVN	id:	JVNVU93112256	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-001308	Trust: 0.8
db:	CNNVD	id:	CNNVD-202104-054	Trust: 0.7
db:	CNVD	id:	CNVD-2021-26400	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1134	Trust: 0.6
db:	VULHUB	id:	VHN-386735	Trust: 0.1
db:	VULMON	id:	CVE-2021-27468	Trust: 0.1

sources: CNVD: CNVD-2021-26400 // VULHUB: VHN-386735 // VULMON: CVE-2021-27468 // JVNDB: JVNDB-2021-001308 // CNNVD: CNNVD-202104-054 // NVD: CVE-2021-27468

REFERENCES

url:	https://us-cert.cisa.gov/ics/advisories/icsa-21-091-01	Trust: 2.0
url:	https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?relaystate=rpid%3drockwellautomation.custhelp.com%26relaystate%3danswers%2fanswer_view%2fa_id%2f1130831	Trust: 1.7
url:	https://www.cisa.gov/uscert/ics/advisories/icsa-21-091-01	Trust: 1.7
url:	http://jvn.jp/cert/jvnvu93112256	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2021-27468/	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-27468	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1134	Trust: 0.6
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/199265	Trust: 0.1

sources: CNVD: CNVD-2021-26400 // VULHUB: VHN-386735 // VULMON: CVE-2021-27468 // JVNDB: JVNDB-2021-001308 // CNNVD: CNNVD-202104-054 // NVD: CVE-2021-27468

SOURCES

db:	CNVD	id:	CNVD-2021-26400
db:	VULHUB	id:	VHN-386735
db:	VULMON	id:	CVE-2021-27468
db:	JVNDB	id:	JVNDB-2021-001308
db:	CNNVD	id:	CNNVD-202104-054
db:	NVD	id:	CVE-2021-27468

LAST UPDATE DATE

2024-08-14T13:54:05.461000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2021-26400	date:	2021-04-12T00:00:00
db:	VULHUB	id:	VHN-386735	date:	2022-03-29T00:00:00
db:	JVNDB	id:	JVNDB-2021-001308	date:	2021-04-05T06:09:00
db:	CNNVD	id:	CNNVD-202104-054	date:	2022-03-30T00:00:00
db:	NVD	id:	CVE-2021-27468	date:	2022-03-29T18:22:16.837

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2021-26400	date:	2021-04-09T00:00:00
db:	VULHUB	id:	VHN-386735	date:	2022-03-23T00:00:00
db:	JVNDB	id:	JVNDB-2021-001308	date:	2021-04-05T00:00:00
db:	CNNVD	id:	CNNVD-202104-054	date:	2021-04-01T00:00:00
db:	NVD	id:	CVE-2021-27468	date:	2022-03-23T20:15:08.930