Rockwellautomation Pavilion8
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Rockwellautomation Pavilion8.
By the Year
In 2026 there have been 0 vulnerabilities in Rockwellautomation Pavilion8. Pavilion8 did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 4 | 8.80 |
| 2023 | 1 | 5.40 |
It may take a day or so for new Pavilion8 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Rockwellautomation Pavilion8 Security Vulnerabilities
Rockwell Automation Path Traversal Enabling RCE
CVE-2024-7961
9.8 - Critical
- September 12, 2024
A path traversal vulnerability exists in the Rockwell Automation affected product. If exploited, the threat actor could upload arbitrary files to the server that could result in a remote code execution.
Directory traversal
Rockwell Automation Privilege Matrix Flaw Enables Info Disclosure
CVE-2024-7960
9.1 - Critical
- September 12, 2024
The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. The vulnerability exists due to having an incorrect privilege matrix that allows users to have access to functions they should not.
Console-Dashboard Lack of TLS Exposes Confid. Via Log Leakage
CVE-2024-40620
7.5 - High
- August 14, 2024
CVE-2024-40620 IMPACT A vulnerability exists in the affected product due to lack of encryption of sensitive information. The vulnerability results in data being sent between the Console and the Dashboard without encryption, which can be seen in the logs of proxy servers, potentially impacting the data's confidentiality.
Missing Encryption of Sensitive Data
Privilege Escalation in Unknown Product (CVE-2024-6435)
CVE-2024-6435
8.8 - High
- July 16, 2024
A privilege escalation vulnerability exists in the affected products which could allow a malicious user with basic privileges to access functions which should only be available to users with administrative level privileges. If exploited, an attacker could read sensitive data, and create users. For example, a malicious user with basic privileges could perform critical functions such as creating a user with elevated privileges and reading sensitive information in the views section.
Incorrect Permission Assignment for Critical Resource
Rockwell Automation Pavilion8 JMX Console Unauth. Access Exposing Session Data
CVE-2023-29463
5.4 - Medium
- September 12, 2023
The JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. If exploited, a malicious user could potentially retrieve other application users session data and or log users out of their session.
authentification
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Rockwellautomation Pavilion8 or by Rockwellautomation? Click the Watch button to subscribe.
