Skip to content

The v6.40 release of Rockwell Automation FactoryTalk®...

Moderate severity Unreviewed Published Jul 16, 2024 to the GitHub Advisory Database • Updated Aug 5, 2024

Package

No package listedSuggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html  and CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html  by implementing CIP security and did not update to the versions of the software CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html  and CVE-2022-1161. https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html

References

Published by the National Vulnerability Database Jul 16, 2024
Published to the GitHub Advisory Database Jul 16, 2024
Last updated Aug 5, 2024

Severity

Moderate

EPSS score

0.043%
(10th percentile)

Weaknesses

CVE ID

CVE-2024-6325

GHSA ID

GHSA-j8wv-5g58-r5vh

Source code

No known source code

Dependabot alerts are not supported on this advisory because it does not have a package from a supported ecosystem with an affected and fixed version.

Learn more about GitHub language support

Checking history
See something to contribute? Suggest improvements for this vulnerability.