Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rockwell Automation Authentication Bypass Vulnerability in DataMosaix™
Vulnerability Description
CVE-2024-6078 IMPACT An improper authentication vulnerability exists in the affected product, which could allow a malicious user to generate cookies for any user ID without the use of a username or password. If exploited, a malicious user could take over the account of a legitimate user. The malicious user would be able to view and modify data stored in the cloud.
CVSS Information
N/A
Vulnerability Type
认证机制不恰当
Vulnerability Title
Rockwell Automation DataMosaix Private Cloud 安全漏洞
Vulnerability Description
Rockwell Automation DataMosaix Private Cloud是美国罗克韦尔(Rockwell Automation)公司的一款工业 DataOps 解决方案。用于简化和控制对相关、可靠和情境化数据的访问。 Rockwell Automation DataMosaix Private Cloud 7.07之前版本存在安全漏洞,该漏洞源于存在身份验证绕过漏洞,允许恶意用户在不使用用户名或密码的情况下为任何用户ID生成cookie,从而接管合法用户的帐户。
CVSS Information
N/A
Vulnerability Type
N/A