CVE-2015-6486

SQL injection vulnerability on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
References
Link Resource
https://ics-cert.us-cert.gov/advisories/ICSA-15-300-03 Patch Third Party Advisory US Government Resource
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:*:*:*:*:*:*:*:*

Information

Published : 2015-10-28 03:59

Updated : 2015-10-28 14:02


NVD link : CVE-2015-6486

Mitre link : CVE-2015-6486


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

rockwellautomation

  • micrologix_1400_firmware
  • micrologix_1100_firmware