Vulnerabilities > Rockwellautomation > Micrologix 1100 Firmware

DATE CVE VULNERABILITY TITLE RISK
2015-10-28 CVE-2015-6490 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rockwellautomation Micrologix 1100 Firmware and Micrologix 1400 Firmware
Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices through B FRN 15.003 allows remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
rockwellautomation CWE-119
critical
 10.0
10
2015-10-28 CVE-2015-6488 Cross-site Scripting vulnerability in Rockwellautomation Micrologix 1100 Firmware and Micrologix 1400 Firmware
Cross-site scripting (XSS) vulnerability in the web server on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 		4.3
4.3
2015-10-28 CVE-2015-6486 SQL Injection vulnerability in Rockwellautomation Micrologix 1100 Firmware and Micrologix 1400 Firmware
SQL injection vulnerability on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
rockwellautomation CWE-89
6.5
6.5