Vulnerabilities (CVE)

Filtered by vendor Rockwellautomation Subscribe

Filtered by product Micrologix 1100 Firmware

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-6984	1 Rockwellautomation	6 Micrologix 1100, Micrologix 1100 Firmware, Micrologix 1400 and 3 more	2020-03-20	5.0 MEDIUM	7.5 HIGH
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable.
CVE-2020-6988	1 Rockwellautomation	6 Micrologix 1100, Micrologix 1100 Firmware, Micrologix 1400 and 3 more	2020-03-20	5.0 MEDIUM	7.5 HIGH
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim’s MicroLogix controller. The controller will then respond to the client with used password values to authenticate the user on the client-side. This method of authentication may allow an attacker to bypass authentication altogether, disclose sensitive information, or leak credentials.