Vulnerabilities > Rockwellautomation > Pavilion8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-12 | CVE-2024-7960 | Unspecified vulnerability in Rockwellautomation Pavilion8 5.20 The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. | 9.1 |
| 2024-09-12 | CVE-2024-7961 | Path Traversal vulnerability in Rockwellautomation Pavilion8 5.20 A path traversal vulnerability exists in the Rockwell Automation affected product. | 9.8 |
| 2024-08-14 | CVE-2024-40620 | Missing Encryption of Sensitive Data vulnerability in Rockwellautomation Pavilion8 5.20.00 CVE-2024-40620 IMPACT A vulnerability exists in the affected product due to lack of encryption of sensitive information. | 7.5 |
| 2024-07-16 | CVE-2024-6435 | Incorrect Permission Assignment for Critical Resource vulnerability in Rockwellautomation Pavilion8 A privilege escalation vulnerability exists in the affected products which could allow a malicious user with basic privileges to access functions which should only be available to users with administrative level privileges. | 8.8 |
| 2023-09-12 | CVE-2023-29463 | Improper Authentication vulnerability in Rockwellautomation Pavilion8 The JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. | 5.4 |