Clear Text Credential Transmission in Rockwell Automation MicroLogix 1100 Controller
CVE-2016-9334

7.3HIGH

Key Information:

Vendor: Rockwellautomation
Status: Rockwell Automation Micrologix 1100 And 1400
Vendor: CVE Published:; 13 February 2017

🔔 Create Rockwellautomation Vulnerability Alert

What is CVE-2016-9334?

A vulnerability exists in Rockwell Automation's MicroLogix 1100 controller that allows user credentials to be transmitted in clear text. This could enable an attacker to intercept and capture sensitive authentication information by monitoring the traffic between a web browser and the server. Versions affected include 14.000 and earlier for specific series of the MicroLogix 1100 controllers, making it crucial for users to implement secure communication protocols to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Rockwell Automation MicroLogix 1100 and 1400 Rockwell Automation MicroLogix 1100 and 1400

References

https://ics-cert.us-cert.gov/advisories/ICSA-16-336-06

x_refsource_MISC

http://www.securityfocus.com/bid/95302

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 13, 2017
Vulnerability Reserved
Nov 16, 2016

JSON

Rockwellautomation