Details of VAR-202401-1419

ID

VAR-202401-1419

CVE

CVE-2024-21917

TITLE

Rockwell Automation of FactoryTalk Services Platform Digital Signature Verification Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2024-002283

DESCRIPTION

A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a malicious user could potentially retrieve user information and modify settings without any authentication

Trust: 1.71

sources: NVD: CVE-2024-21917 // JVNDB: JVNDB-2024-002283 // VULMON: CVE-2024-21917

AFFECTED PRODUCTS

vendor:	rockwellautomation	model:	factorytalk services platform	scope:	lte	version:	6.31.00	Trust: 1.0
vendor:	rockwell automation	model:	factorytalk services platform	scope:	eq	version:	-	Trust: 0.8
vendor:	rockwell automation	model:	factorytalk services platform	scope:	lte	version:	6.31.00 and earlier	Trust: 0.8
vendor:	rockwell automation	model:	factorytalk services platform	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2024-002283 // NVD: CVE-2024-21917

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2024-21917
value:	CRITICAL
Trust: 1.8
PSIRT@rockwellautomation.com:	CVE-2024-21917
value:	CRITICAL
Trust: 1.0

NVD:
baseSeverity:	CRITICAL
baseScore:	9.1
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	5.2
version:	3.1
Trust: 1.0
PSIRT@rockwellautomation.com:
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2024-21917
baseSeverity:	CRITICAL
baseScore:	9.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2024-002283 // NVD: CVE-2024-21917 // NVD: CVE-2024-21917

PROBLEMTYPE DATA

problemtype:	CWE-347	Trust: 1.0
problemtype:	Improper verification of digital signatures (CWE-347) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-002283 // NVD: CVE-2024-21917

CONFIGURATIONS

sources: NVD: CVE-2024-21917

EXTERNAL IDS

db:	NVD	id:	CVE-2024-21917	Trust: 2.7
db:	ICS CERT	id:	ICSA-24-030-06	Trust: 0.9
db:	JVN	id:	JVNVU99327679	Trust: 0.8
db:	JVNDB	id:	JVNDB-2024-002283	Trust: 0.8
db:	VULMON	id:	CVE-2024-21917	Trust: 0.1

sources: VULMON: CVE-2024-21917 // JVNDB: JVNDB-2024-002283 // NVD: CVE-2024-21917

REFERENCES

url:	https://www.rockwellautomation.com/en-us/support/advisory.sd1660.html	Trust: 1.9
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-06	Trust: 0.9
url:	https://jvn.jp/vu/jvnvu99327679/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2024-21917	Trust: 0.8
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2024-21917 // JVNDB: JVNDB-2024-002283 // NVD: CVE-2024-21917

SOURCES

db:	VULMON	id:	CVE-2024-21917
db:	JVNDB	id:	JVNDB-2024-002283
db:	NVD	id:	CVE-2024-21917

LAST UPDATE DATE

2024-02-14T23:05:10.292000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2024-21917	date:	2024-01-31T00:00:00
db:	JVNDB	id:	JVNDB-2024-002283	date:	2024-02-13T02:23:00
db:	NVD	id:	CVE-2024-21917	date:	2024-02-08T01:29:32.367

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2024-21917	date:	2024-01-31T00:00:00
db:	JVNDB	id:	JVNDB-2024-002283	date:	2024-02-13T00:00:00
db:	NVD	id:	CVE-2024-21917	date:	2024-01-31T19:15:08.633