Vulnerabilities > Rockwellautomation > Micrologix 1100 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-16 | CVE-2022-46670 | Cross-site Scripting vulnerability in Rockwellautomation products Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. | 6.1 |
| 2022-07-20 | CVE-2022-2179 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Rockwellautomation Micrologix 1100 Firmware and Micrologix 1400 Firmware The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks. | 6.5 |
| 2019-04-25 | CVE-2019-10955 | Open Redirect vulnerability in Rockwellautomation products In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers (includes CompactLogix GuardLogix controllers) v30.014 and earlier, an open redirect vulnerability could allow a remote unauthenticated attacker to input a malicious link to redirect users to a malicious site that could run or download arbitrary malware on the user’s machine. | 6.1 |