Severity:
High,
Medium
Advisory ID:
PN1622
Publication Date:
May 11, 2023
Last Updated:
September 08, 2025
Revision Number:
1.1
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
CVE IDs
CVE-2023-29030,
CVE-2023-29022,
CVE-2023-29028,
CVE-2023-29027,
CVE-2023-29023,
CVE-2023-29026,
CVE-2023-29029,
CVE-2023-29031,
CVE-2023-29024,
CVE-2023-29025
Summary
ArmorStart® ST 281E, 284E Vulnerable to Multiple XSS Vulnerabilities
Revision Number
1.1
Revision History
Version 1.0 - May 11, 2023
Version 1.1 - September 8, 2025 - Updated for better readability
Affected Products
Affected Product | First Known in Firmware Revision | Corrected in Firmware Revision
ArmorStart® ST 281E | v2.004.06 | N/A
ArmorStart® ST 284E | all | N/A
ArmorStart® ST 280E | all | N/A
Security Issue Details
Rockwell Automation used CVSS v3.1 to assess the following security issues.
CVE-2023-29031 IMPACT
A cross site scripting security issue was discovered. This could allow a threat actor to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation.
CVSS Base Score: 7.0 (High)
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-20 Improper Input Validation
Known Exploited Vulnerability (KEV) database:
No
CVE-2023-29030 IMPACT
A cross site scripting security issue was discovered. This could allow a threat actor to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation.
CVSS Base Score: 7.0 (High)
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-20 Improper Input Validation
Known Exploited Vulnerability (KEV) database:
No
CVE-2023-29023 IMPACT
A cross site scripting security issue was discovered. This could allow a threat actor to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation.
CVSS Base Score: 7.0 (High)
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-20 Improper Input Validation
Known Exploited Vulnerability (KEV) database:
No
CVE-2023-29024 IMPACT
A cross site scripting vulnerability was discovered. This could allow a threat actor to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this.
CVSS Base Score: 5.5 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
CWE: CWE-20 Improper Input Validation
Known Exploited Vulnerability (KEV) database:
No
CVE-2023-29025 IMPACT
A cross site scripting security issue was discovered. This could allow a threat actor with admin privileges and network access to view user data and modify the web interface. This could also cause interruptions to the availability of the web page.
CVSS Base Score: 4.7 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-20 Improper Input Validation
CVE-2023-29026 IMPACT
A cross site scripting security issue was discovered. This could allow a threat actor with admin privileges and network access to view user data and modify the web interface. This could also cause interruptions to the availability of the web page.
CVSS Base Score: 4.7 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-20 Improper Input Validation
CVE-2023-29027 IMPACT
A cross site scripting security issue was discovered. This could allow a threat actor with admin privileges and network access to view user data and modify the web interface. This could also cause interruptions to the availability of the web page.
CVSS Base Score: 4.7 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-20 Improper Input Validation
CVE-2023-29028 IMPACT
A cross site scripting vulnerability was discovered. This could allow a threat actor with admin privileges and network access to view user data and modify the web interface. This could also cause interruptions to the availability of the web page.
CVSS Base Score: 4.7 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-20 Improper Input Validation
CVE-2023-29029 IMPACT
A cross site scripting security issue was discovered. This could allow a threat actor with admin privileges and network access to view user data and modify the web interface. This could also cause interruptions to the availability of the web page.
CVSS Base Score: 4.7 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-20 Improper Input Validation
CVE-2023-29022 IMPACT
A cross site scripting security issue was discovered. This could allow a threat actor with admin privileges and network access to view user data and modify the web interface. This could also cause interruptions to the availability of the web page.
CVSS Base Score: 4.7 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-20 Improper Input Validation
Customers can use Stakeholder-Specific Vulnerability Categorization to create more environment specific categories.
Risk Mitigation & User Action
Customers using the affected products should apply the risk mitigation below.
- Disable the web server during normal use. The web server is disabled by default and should only be enabled to modify configurations; after modifying configurations, disable the web server again.
- For information on how to mitigate security risks on industrial automation control systems (IACS) networks, see the following publication:
  - QA43240 - Recommended Security Guidelines from Rockwell Automation
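Because the only mitigation offered is keeping the web server off, a practitioner will want a repeatable way to confirm that it is actually off across the fleet. The following script is an added example (not from the advisory or from Rockwell Automation) that attempts a TCP connection to each device and reports any unit whose web server still answers. It assumes the embedded web server listens on TCP port 80, which the advisory does not state; adjust the port if your units use another. The device addresses are made up for illustration.

```python
import socket
from typing import Dict, Iterable, List

# Hypothetical device addresses for illustration only; replace with the
# ArmorStart units in your own inventory.
DEVICES = ["192.0.2.10", "192.0.2.11"]


def web_server_reachable(host: str, port: int = 80, timeout: float = 2.0) -> bool:
    """True if a TCP handshake with host:port completes within timeout.
    A completed handshake means something is listening on the web port,
    i.e. the advisory's mitigation (web server disabled) is NOT in place."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # connection refused, host unreachable, or timed out
        return False


def audit(hosts: Iterable[str], port: int = 80, timeout: float = 2.0) -> Dict[str, bool]:
    """Map each host to whether its web server answers; False means the
    device currently satisfies the mitigation."""
    return {host: web_server_reachable(host, port, timeout) for host in hosts}


def noncompliant(hosts: Iterable[str], port: int = 80, timeout: float = 2.0) -> List[str]:
    """Sorted list of hosts whose web server is still reachable."""
    return sorted(host for host, up in audit(hosts, port, timeout).items() if up)


if __name__ == "__main__":
    for host, up in audit(DEVICES).items():
        state = "ENABLED - disable it after configuration" if up else "disabled (ok)"
        print(f"{host}: web server {state}")
```

A reachable port only tells you that the listener is up, not which firmware is running or whether a given page is vulnerable; treat a non-empty noncompliant list as a prompt to disable the web server on those units, not as a vulnerability scan result.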
Additional Resources
- CVE-2023-29022 JSON
- CVE-2023-29023 JSON
- CVE-2023-29024 JSON
- CVE-2023-29025 JSON
- CVE-2023-29026 JSON
- CVE-2023-29027 JSON
- CVE-2023-29028 JSON
- CVE-2023-29029 JSON
- CVE-2023-29030 JSON
- CVE-2023-29031 JSON
Glossary
Cross Site Scripting Vulnerability (XSS): a web security vulnerability that allows an attacker to inject malicious scripts into content served by an otherwise trusted website, so that the script runs in the browsers of other users who view that content.
Copyright ©2022 Rockwell Automation, Inc.