CVSS: 10.0EPSS: 0%CPEs: 101EXPL: 0CVE-2016-9343
https://notcve.org/view.php?id=CVE-2016-9343
13 Feb 2017 — An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service. Ha sido descubierto un problema en Rockwell Automation Logix5000 Programmable Automation Contro... • http://www.securityfocus.com/bid/95304 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 32%CPEs: 18EXPL: 0CVE-2012-6435
https://notcve.org/view.php?id=CVE-2012-6435
24 Jan 2013 — Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 ... • http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 13%CPEs: 18EXPL: 0CVE-2012-6436
https://notcve.org/view.php?id=CVE-2012-6436
24 Jan 2013 — Buffer overflow in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; a... • http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 18EXPL: 0CVE-2012-6437
https://notcve.org/view.php?id=CVE-2012-6437
24 Jan 2013 — Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 ... • http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 21%CPEs: 18EXPL: 0CVE-2012-6438
https://notcve.org/view.php?id=CVE-2012-6438
24 Jan 2013 — Buffer overflow in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; a... • http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.5EPSS: 1%CPEs: 18EXPL: 0CVE-2012-6439
https://notcve.org/view.php?id=CVE-2012-6439
24 Jan 2013 — Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 ... • http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf •
CVSS: 9.3EPSS: 0%CPEs: 18EXPL: 0CVE-2012-6440
https://notcve.org/view.php?id=CVE-2012-6440
24 Jan 2013 — The web-server password-authentication functionality in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; Gua... • http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 19%CPEs: 18EXPL: 0CVE-2012-6441
https://notcve.org/view.php?id=CVE-2012-6441
24 Jan 2013 — Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 ... • http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 16%CPEs: 23EXPL: 0CVE-2012-6442
https://notcve.org/view.php?id=CVE-2012-6442
24 Jan 2013 — Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 ... • http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2009-0472
https://notcve.org/view.php?id=CVE-2009-0472
06 Feb 2009 — Multiple cross-site scripting (XSS) vulnerabilities in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de secuencias de ejecución de comandos en sitios cruzados en el interfaz web en el módulo Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores s... • http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=57729 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •