CVE-2022-3166
HIGH
7,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high
Description
AI Translation Available
Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability could be exploited by an attacker with network access to the affected systems by sending TCP packets to webserver and closing it abruptly which would cause a denial-of-service condition for the web server application on the device
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0015
Percentile
0,4th
Updated
EPSS Score Trend (Last 90 Days)
924
Improper Enforcement of Message Integrity During Transmission in a Communication Channel
IncompleteCommon Consequences
Security Scopes Affected:
Integrity
Confidentiality
Potential Impacts:
Gain Privileges Or Assume Identity
Applicable Platforms
All platforms may be affected
Operating System
Micrologix 1400 Firmware by Rockwellautomation
CPE Identifier
View Detailed Analysis
cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Micrologix 1100 Firmware by Rockwellautomation
CPE Identifier
View Detailed Analysis
cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137678
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137678