Vulnerabilities > CVE-2012-4690 - Configuration vulnerability in Rockwellautomation products

CVSS 7.1 - HIGH

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

rockwellautomation

CWE-16

NVD

Published: 2012-12-08

Updated: 2013-05-21

Summary

Rockwell Automation Allen-Bradley MicroLogix controller 1100, 1200, 1400, and 1500; SLC 500 controller platform; and PLC-5 controller platform, when Static status is not enabled, allow remote attackers to cause a denial of service via messages that trigger modification of status bits.

Vulnerable Configurations

Part	Description	Count
Hardware	Rockwellautomation Rockwellautomation AB Micrologix Controller 1100 Rockwellautomation AB Micrologix Controller 1200 Rockwellautomation AB Micrologix Controller 1400 Rockwellautomation AB Micrologix Controller 1500 Rockwellautomation PLC 5 Controller - Rockwellautomation SLC 500 Controller -	6

Common Weakness Enumeration (CWE)

CWE-16 - Configuration

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References