CVE-2022-2179

The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01 Third Party Advisory US Government Resource
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994 Permissions Required Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:micrologix_1100:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*

Information

Published : 2022-07-20 09:15

Updated : 2022-07-27 14:45


NVD link : CVE-2022-2179

Mitre link : CVE-2022-2179


JSON object : View

CWE
CWE-1021

Improper Restriction of Rendered UI Layers or Frames

Advertisement

dedicated server usa

Products Affected

rockwellautomation

  • micrologix_1100
  • micrologix_1400_firmware
  • micrologix_1400
  • micrologix_1100_firmware