CNNVD-202511-1196 Information

Nov 11, 2025 cve

CNNVD ID

CNNVD-202511-1196

CVE-2025-11084

CNNVD Published: 2025-11-11

Description (Chinese)

Rockwell Automation DataMosaix Private Cloud是美国罗克韦尔（Rockwell Automation）公司的一款工业 DataOps 解决方案。用于简化和控制对相关、可靠和情境化数据的访问。 Rockwell Automation DataMosaix Private Cloud存在安全漏洞，该漏洞源于多因素认证启用后7天内未完成设置时，攻击者可绕过多因素认证获取有效登录令牌，无需知晓用户密码。

Description (English)

Rockwell Automation DataMosaix Private Club is an industrial DataOps solution for Rockwell Automation in the United States. To simplify and control access to relevant, reliable and situational data. Lockwell Automation DataMosaix Private Cloud has a security loophole, which results from a multiple-factor authentication that fails to complete the settings within seven days of the commissioning, and the assailant can obtain a valid login token by over-factor authentication without knowing the user password.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

罗克韦尔

Published

2025-11-11

Last Modified

2026-02-24

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1758.html

Patch

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1758.html

Share on: