Vulnerabilities > CVE-2016-9334 - Unspecified vulnerability in Rockwellautomation products

CVSS 7.3 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

LOW

network

low complexity

rockwellautomation

NVD

Published: 2017-02-13

Updated: 2017-03-16

Summary

An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14.000 and prior versions; and 1763-L16DWD, Series A and B, Version 14.000 and prior versions. User credentials are sent to the web server in clear text, which may allow an attacker to discover the credentials if they are able to observe traffic between the web browser and the server.

Vulnerable Configurations

Part	Description	Count
Application	Rockwellautomation Rockwellautomation 1766 L32Awaa Series B 15.004 Rockwellautomation 1766 L32Bwaa Series B 15.004 Rockwellautomation 1766 L32Bwa Series B 15.004 Rockwellautomation 1766 L32Awa Series A 15.004 Rockwellautomation 1766 L32Awa Series B 15.004 Rockwellautomation 1763 L16Bbb Series A 14.000 Rockwellautomation 1763 L16Awa Series B 14.000 Rockwellautomation 1763 L16Bbb Series B 14.000 Rockwellautomation 1766 L32Bxb Series A 15.004 Rockwellautomation 1763 L16Dwd Series A 14.000 Rockwellautomation 1766 L32Awaa Series A 15.004 Rockwellautomation 1766 L32Bxba Series B 15.004 Rockwellautomation 1766 L32Bxb Series B 15.004 Rockwellautomation 1766 L32Bxba Series A 15.004 Rockwellautomation 1766 L32Bwa Series A 15.004 Rockwellautomation 1763 L16Dwd Series B 14.000 Rockwellautomation 1766 L32Bwaa Series A 15.004 Rockwellautomation 1763 L16Awa Series A 14.000 Rockwellautomation 1763 L16Bwa Series B 14.000 Rockwellautomation 1763 L16Bwa Series A 14.000	20

Summary

Vulnerable Configurations

References