7.3

CVE-2016-9334

EPSS 0.07%
Published 13.02.2017 21:59:01
Last modified 20.04.2025 01:37:25
Source ics-cert@hq.dhs.gov
Teams watchlist Login
Open Login

An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14.000 and prior versions; and 1763-L16DWD, Series A and B, Version 14.000 and prior versions. User credentials are sent to the web server in clear text, which may allow an attacker to discover the credentials if they are able to observe traffic between the web browser and the server.

Affected products Warnungen 0 Metrics 3 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Rockwellautomation ≫ 1763-l16awa Series A Version <= 14.000

Rockwellautomation ≫ 1763-l16awa Series B Version <= 14.000

Rockwellautomation ≫ 1763-l16bbb Series A Version <= 14.000

Rockwellautomation ≫ 1763-l16bbb Series B Version <= 14.000

Rockwellautomation ≫ 1763-l16bwa Series A Version <= 14.000

Rockwellautomation ≫ 1763-l16bwa Series B Version <= 14.000

Rockwellautomation ≫ 1763-l16dwd Series A Version <= 14.000

Rockwellautomation ≫ 1763-l16dwd Series B Version <= 14.000

Rockwellautomation ≫ 1766-l32awa Series A Version <= 15.004

Rockwellautomation ≫ 1766-l32awa Series B Version <= 15.004

Rockwellautomation ≫ 1766-l32awaa Series A Version <= 15.004

Rockwellautomation ≫ 1766-l32awaa Series B Version <= 15.004

Rockwellautomation ≫ 1766-l32bwa Series A Version <= 15.004

Rockwellautomation ≫ 1766-l32bwa Series B Version <= 15.004

Rockwellautomation ≫ 1766-l32bwaa Series A Version <= 15.004

Rockwellautomation ≫ 1766-l32bwaa Series B Version <= 15.004

Rockwellautomation ≫ 1766-l32bxb Series A Version <= 15.004

Rockwellautomation ≫ 1766-l32bxb Series B Version <= 15.004

Rockwellautomation ≫ 1766-l32bxba Series A Version <= 15.004

Rockwellautomation ≫ 1766-l32bxba Series B Version <= 15.004

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.07%	0.171

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.3	3.9	3.4	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://www.securityfocus.com/bid/95302

Third Party Advisory

VDB Entry

https://ics-cert.us-cert.gov/advisories/ICSA-16-336-06

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2016-9334

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-9334

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-9334

EUVD