Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability could be exploited by an attacker with network access to the affected systems by sending TCP packets to webserver and closing it abruptly which would cause a denial-of-service condition for the web server application on the device
References
Link | Resource |
---|---|
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137678 | Permissions Required Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
History
07 Nov 2023, 03:50
Type | Values Removed | Values Added |
---|---|---|
Summary | Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability could be exploited by an attacker with network access to the affected systems by sending TCP packets to webserver and closing it abruptly which would cause a denial-of-service condition for the web server application on the device |
Information
Published : 2022-12-16 20:15
Updated : 2024-02-28 19:51
NVD link : CVE-2022-3166
Mitre link : CVE-2022-3166
CVE.ORG link : CVE-2022-3166
JSON object : View
Products Affected
rockwellautomation
- micrologix_1400
- micrologix_1100
- micrologix_1400_firmware
- micrologix_1100_firmware
CWE
CWE-924
Improper Enforcement of Message Integrity During Transmission in a Communication Channel