CVE-2024-5989 - OpenCVE

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell Automation ThinManager® ThinServer™.

CVSS

No CVSS.

Vendors & Products
CPE Configurations

No data.

References

Link	Resource
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1677.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Rockwell

Published: 2024-06-25T16:01:39.103Z

Updated: 2024-06-26T17:06:20.972Z

Reserved: 2024-06-13T20:56:09.876Z

Link: CVE-2024-5989

JSON object: View

NVD Information

Status : Awaiting Analysis

Published: 2024-06-25T16:15:25.363

Modified: 2024-06-25T18:50:42.040

Link: CVE-2024-5989

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-5989", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2024-06-13T20:56:09.876Z", "datePublished": "2024-06-25T16:01:39.103Z", "dateUpdated": "2024-06-26T17:06:20.972Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ThinManager\u00ae ThinServer\u2122", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "11.0.0"}, {"status": "affected", "version": "11.2.0"}, {"status": "affected", "version": "12.0.0"}, {"status": "affected", "version": "12.1.0"}, {"status": "affected", "version": "13.0.0"}, {"status": "affected", "version": "13.1.0"}, {"status": "affected", "version": "13.2.0"}]}], "datePublic": "2024-06-25T13:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nDue to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell Automation ThinManager\u00ae ThinServer\u2122."}], "value": "Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell Automation\u00a0ThinManager\u00ae ThinServer\u2122."}], "impacts": [{"capecId": "CAPEC-153", "descriptions": [{"lang": "en", "value": "CAPEC-153 Input Data Manipulation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-06-25T16:01:39.103Z"}, "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1677.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<table><tbody><tr><td>Affected Product</td><td>CVE</td><td>First Known in software version</td><td>Corrected in software version (<a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">Available Here</a>)</td></tr><tr><td rowspan=\"2\">ThinManager\u00ae ThinServer\u2122</td><td>2024-59882024-5989     </td><td>11.1.011.2.012.0.012.1.013.0.013.1.013.2.0</td><td><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.1.8</a><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.2.9</a><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.0.7</a><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.1.8</a><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.0.5</a><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.1.3</a><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.2.2</a></td></tr><tr><td>2024-5990</td><td>11.1.011.2.012.0.012.1.013.0.013.1.0</td><td><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.1.8</a><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.2.9</a><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.0.7</a><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.1.8</a><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.0.4</a><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.1.2</a></td></tr></tbody></table> \n\nCustomers using the affected software are encouraged to apply the risk mitigations from the list below, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the potential risk of vulnerability.\u00b7 Update to the corrected software versions via the <a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">ThinManager\u00ae Downloads Site</a>\u00b7 Limit remote access for TCP Port 2031 to known thin clients and ThinManager\u00ae servers.\u00b7 <a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a>"}], "value": "Affected Product\n\nCVE\n\nFirst Known in software version\n\nCorrected in software version ( Available Here https://thinmanager.com/downloads/index.php )\n\nThinManager\u00ae ThinServer\u2122\n\n2024-5988\n\n2024-5989\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n11.1.0\n\n11.2.0\n\n12.0.0\n\n12.1.0\n\n13.0.0\n\n13.1.0\n\n13.2.0\n\n 11.1.8 https://thinmanager.com/downloads/index.php \n\n 11.2.9 https://thinmanager.com/downloads/index.php \n\n 12.0.7 https://thinmanager.com/downloads/index.php \n\n 12.1.8 https://thinmanager.com/downloads/index.php \n\n 13.0.5 https://thinmanager.com/downloads/index.php \n\n 13.1.3 https://thinmanager.com/downloads/index.php \n\n 13.2.2 https://thinmanager.com/downloads/index.php \n\n2024-5990\n\n11.1.0\n\n11.2.0\n\n12.0.0\n\n12.1.0\n\n13.0.0\n\n13.1.0\n\n 11.1.8 https://thinmanager.com/downloads/index.php \n\n 11.2.9 https://thinmanager.com/downloads/index.php \n\n 12.0.7 https://thinmanager.com/downloads/index.php \n\n 12.1.8 https://thinmanager.com/downloads/index.php \n\n 13.0.4 https://thinmanager.com/downloads/index.php \n\n 13.1.2 https://thinmanager.com/downloads/index.php \n\n\n\n\nCustomers using the affected software are encouraged to apply the risk mitigations from the list below, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the potential risk of vulnerability.\n\n\u00b7 Update to the corrected software versions via the ThinManager\u00ae Downloads Site https://thinmanager.com/downloads/index.php \n\n\u00b7 Limit remote access for TCP Port 2031 to known thin clients and ThinManager\u00ae servers.\n\n\u00b7 Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"}], "source": {"discovery": "EXTERNAL"}, "title": "Rockwell Automation ThinManager\u00ae ThinServer\u2122 Improper Input Validation Vulnerability", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "rockwellautomation", "product": "thinmanager", "cpes": ["cpe:2.3:a:rockwellautomation:thinmanager:11.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:rockwellautomation:thinmanager:11.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:rockwellautomation:thinmanager:12.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:rockwellautomation:thinmanager:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:rockwellautomation:thinmanager:13.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:rockwellautomation:thinmanager:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:rockwellautomation:thinmanager:13.2.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "11.1.0", "status": "affected", "lessThan": "11.1.8", "versionType": "custom"}, {"version": "11.2.0", "status": "affected", "lessThan": "11.2.9", "versionType": "custom"}, {"version": "12.0.0", "status": "affected", "lessThan": "12.0.7", "versionType": "custom"}, {"version": "12.1.0", "status": "affected", "lessThan": "12.1.8", "versionType": "custom"}, {"version": "13.0.0", "status": "affected", "lessThan": "13.0.4", "versionType": "custom"}, {"version": "13.1.0", "status": "affected", "lessThan": "13.1.2", "versionType": "custom"}, {"version": "13.2.0", "status": "affected", "lessThan": "13.2.2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-25T17:42:47.931940Z", "id": "CVE-2024-5989", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-26T17:06:20.972Z"}}]}}