Vulnerabilities > Rockwellautomation > 1734 Aentr Point I O Dual Port Network Adaptor Series B Firmware > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-24	CVE-2020-14502	Cross-site Scripting vulnerability in Rockwellautomation products The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. network rockwellautomation CWE-79	4.3
2022-02-24	CVE-2020-14504	Improper Authentication vulnerability in Rockwellautomation products The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. network low complexity rockwellautomation CWE-287	5.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.