{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T19:43:38.795","vulnerabilities":[{"cve":{"id":"CVE-2022-38742","sourceIdentifier":"PSIRT@rockwellautomation.com","published":"2022-09-23T16:15:11.570","lastModified":"2024-11-21T07:17:00.580","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could expose the server to arbitrary remote code execution."},{"lang":"es","value":"Rockwell Automation ThinManager ThinServer versiones  11.0.0 - 13.0.0, son vulnerables a un desbordamiento del búfer en la región heap de la memoria. Un atacante podría enviar una petición TFTP o HTTPS específicamente diseñada, causando un desbordamiento del búfer en la región heap de la memoria que bloquea el proceso de ThinServer. Si es explotado con éxito, esto podría exponer al servidor a una ejecución de código remota arbitrario."}],"metrics":{"cvssMetricV31":[{"source":"PSIRT@rockwellautomation.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"PSIRT@rockwellautomation.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0.0","versionEndIncluding":"13.0.0","matchCriteriaId":"5244D82A-CE1D-4C9A-9364-7855C15E22BD"}]}]}],"references":[{"url":"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1136847","source":"PSIRT@rockwellautomation.com","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1136847","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Vendor Advisory"]}]}}]}