Vulnerability Details : CVE-2023-2913
An executable used in Rockwell Automation ThinManager ThinServer can be configured to enable an API feature in the HTTPS Server Settings. This feature is disabled by default. When the API is enabled and handling requests, a path traversal vulnerability exists that allows a remote actor to act with the privileges of the server's file-system access and read arbitrary files stored on it. A malicious user could exploit this vulnerability by requesting a path that contains manipulated variables.
Vulnerability category: Directory traversal
Products affected by CVE-2023-2913
- Rockwellautomation » Thinmanager: versions from 13.0.0 (>=) up to and including 13.0.2 (<=)
  CPE: cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-2913
EPSS score: 0.05% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~21% (the proportion of vulnerabilities that are scored at or below this score)
CVSS scores for CVE-2023-2913
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 | NIST | 
7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 | Rockwell Automation | 
CWE ids for CVE-2023-2913
- The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
  Assigned by: nvd@nist.gov (Primary)
- The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.
  Assigned by: PSIRT@rockwellautomation.com (Secondary)
References for CVE-2023-2913
- https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140160 (ThinManager® ThinServer™ Path Traversal Vulnerability, Vendor Advisory)