Vulnerabilities > Rockwellautomation > 1756 En2Tr Series B Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-07	CVE-2018-17924	Missing Authentication for Critical Function vulnerability in Rockwellautomation products Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. network low complexity rockwellautomation CWE-306	7.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.