Vulnerabilities > Rockwellautomation > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-26 | CVE-2018-19615 | Cross-site Scripting vulnerability in Rockwellautomation Powermonitor 1000 Firmware 1408Em3Aentb Rockwell Automation Allen-Bradley PowerMonitor 1000 all versions. | 6.1 |
| 2018-09-20 | CVE-2018-14827 | Resource Exhaustion vulnerability in Rockwellautomation Rslinx Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. | 5.0 |
| 2018-09-20 | CVE-2018-14821 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rockwellautomation Rslinx Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. | 5.0 |
| 2018-06-07 | CVE-2018-10619 | Unquoted Search Path or Element vulnerability in Rockwellautomation Factorytalk Linx Gateway and Rslinx Classic An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the affected workstation. | 4.6 |
| 2018-06-04 | CVE-2017-12092 | Information Exposure vulnerability in Rockwellautomation Micrologix 1400 B Firmware An exploitable file write vulnerability exists in the memory module functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. | 5.0 |
| 2018-05-14 | CVE-2018-8843 | Use After Free vulnerability in Rockwellautomation Arena Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data.. | 4.3 |
| 2018-04-05 | CVE-2017-12093 | Resource Exhaustion vulnerability in Rockwellautomation Micrologix 1400 B Firmware An exploitable insufficient resource pool vulnerability exists in the session communication functionality of Allen Bradley Micrologix 1400 Series B Firmware 21.2 and before. | 5.3 |
| 2017-12-23 | CVE-2017-14022 | Improper Input Validation vulnerability in Rockwellautomation Factorytalk Alarms and Events An Improper Input Validation issue was discovered in Rockwell Automation FactoryTalk Alarms and Events, Version 2.90 and earlier. | 5.0 |
| 2017-09-20 | CVE-2017-7924 | Improper Input Validation vulnerability in Rockwellautomation products An Improper Input Validation issue was discovered in Rockwell Automation MicroLogix 1100 controllers 1763-L16BWA, 1763-L16AWA, 1763-L16BBB, and 1763-L16DWD. | 5.0 |
| 2017-06-30 | CVE-2017-7903 | Inadequate Encryption Strength vulnerability in Rockwellautomation products A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version 16.00 and prior versions; and 1763-L16DWD, Series A and B, Version 16.00 and prior versions and Allen-Bradley MicroLogix 1400 programmable logic controllers 1766-L32AWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWAA, Series A and B, Version 16.00 and prior versions; 1766-L32BXB, Series A and B, Version 16.00 and prior versions; 1766-L32BXBA, Series A and B, Version 16.00 and prior versions; and 1766-L32AWAA, Series A and B, Version 16.00 and prior versions. | 5.0 |