Filtered by vendor Rockwellautomation
Subscribe
Filtered by product Powermonitor 1000 Firmware
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-19615 | 1 Rockwellautomation | 2 Powermonitor 1000, Powermonitor 1000 Firmware | 2023-03-01 | 4.3 MEDIUM | 6.1 MEDIUM |
Rockwell Automation Allen-Bradley PowerMonitor 1000 all versions. A remote attacker could inject arbitrary code into a targeted userĂ¢??s web browser to gain access to the affected device. | |||||
CVE-2018-19616 | 1 Rockwellautomation | 2 Powermonitor 1000, Powermonitor 1000 Firmware | 2020-08-24 | 6.8 MEDIUM | 8.1 HIGH |
An issue was discovered in Rockwell Automation Allen-Bradley PowerMonitor 1000. An unauthenticated user can add/edit/remove administrators because access control is implemented on the client side via a disabled attribute for a BUTTON element. |