Detections
Analytics
Rockwell FactoryTalk Activation Manager < 4.02 XSS
medium Nessus Plugin ID 189288
Synopsis
An application installed on the remote Windows host is affected by a vulnerability.Description
The version of Rockwell FactoryTalk Activation Manager installed on the remote Windows host is prior to 4.02. It is, therefore, affected by a vulnerability.- A Cross-Site Scripting (XSS) vulnerability was found in certain versions of Wibu-Systems CodeMeter that may allow local attackers to inject arbitrary web script or HTML via a specific field in a configuration file, allowing an attacker to access sensitive information, or even rewrite the content of the HTML page. (CVE-2017-13754)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Rockwell FactoryTalk Activation Manager version 4.02 or later or refer to vendor advisory.See Also
https://www.cisa.gov/news-events/ics-advisories/icsa-18-102-02
Plugin Details
Severity: Medium
ID: 189288
File Name: rockwell_factorytalk_activation_manager_4_02_CVE-2017-13754.nasl
Version: 1.1
Type: local
Agent: windows
Family: SCADA
Published: 1/22/2024
Updated: 1/23/2024
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.8
CVSS v2
Risk Factor: Low
Base Score: 3.5
Temporal Score: 2.7
Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N
CVSS Score Source: CVE-2017-13754
CVSS v3
Risk Factor: Medium
Base Score: 5.4
Temporal Score: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:rockwellautomation:factorytalk_activation
Required KB Items: installed_sw/Rockwell FactoryTalk Activation Manager
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 1/1/2018
Vulnerability Publication Date: 10/2/2020
Reference Information
CVE: CVE-2017-13754
ICSA: 18-102-02