Описание
Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors.
Ссылки
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:7.0:*:*:*:*:*:*:*
cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:18.0:*:*:*:*:*:*:*
cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:20.01:*:*:*:*:*:*:*
cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:21.0:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:logix_5000_controller:-:*:*:*:*:*:*:*
EPSS
Процентиль: 0%
0.00004
Низкий
6.3 Medium
CVSS2
6.9 Medium
CVSS2
Дефекты
CWE-522
CWE-255
Связанные уязвимости
github
больше 3 лет назад
Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors.
EPSS
Процентиль: 0%
0.00004
Низкий
6.3 Medium
CVSS2
6.9 Medium
CVSS2
Дефекты
CWE-522
CWE-255