cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score CVE-2022-46670,https://securityvulnerability.io/vulnerability/CVE-2022-46670,Rockwell Automation MicroLogix 1100 & 1400 Vulnerable to Cross-Site Scripting Attack," Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution.  The vulnerability is an unauthenticated stored cross-site scripting vulnerability in the embedded webserver. The payload is transferred to the controller over SNMP and is rendered on the homepage of the embedded website. ",Rockwell Automation,"Micrologix 1100 & 1400 Controllers,Micrologix 1400-b/c,Micrologix 1400-a",7.1,HIGH,0.0006200000061653554,false,,false,false,false,,,false,false,,2022-12-16T20:12:22.414Z,0 CVE-2022-3166,https://securityvulnerability.io/vulnerability/CVE-2022-3166,MicroLogix 1100 & 1400 Product Web Server Application Vulnerable to Denial-Of-Service Condition Attack," Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability could be exploited by an attacker with network access to the affected systems by sending TCP packets to webserver and closing it abruptly which would cause a denial-of-service condition for the web server application on the device ",Rockwell Automation,"Micrologix 1100,Micrologix 1400-b/c,Micrologix 1400-a",7.5,HIGH,0.0006099999882280827,false,,false,false,false,,,false,false,,2022-12-16T19:59:25.261Z,0 CVE-2022-2179,https://securityvulnerability.io/vulnerability/CVE-2022-2179,ICSA-22-188-01 Rockwell Automation MicroLogix Improper Restriction of Rendered UI Layers or Frames,"The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks.",Rockwell Automation,"Micrologix 1400,Micrologix 1100",6.5,MEDIUM,0.0005499999970197678,false,,false,false,false,,,false,false,,2022-07-19T00:00:00.000Z,0 CVE-2019-10955,https://securityvulnerability.io/vulnerability/CVE-2019-10955,Open Redirect Vulnerability in Rockwell Automation MicroLogix and CompactLogix Controllers,"An open redirect vulnerability exists in Rockwell Automation MicroLogix and CompactLogix Controllers, which may allow an unauthenticated remote attacker to exploit the system. By crafting a malicious link, the attacker could redirect users to harmful websites, potentially enabling the download and execution of arbitrary malware on their devices. This risk is present in various models of MicroLogix and CompactLogix controllers, making it imperative for users to take precautionary measures.",Rockwell Automation,"Micrologix 1400 Controllers,Micrologix 1100 Controllers,Compactlogix 5370 L1 Controllers,Compactlogix 5370 L2 Controllers,Compactlogix 5370 L3 Controllers",6.1,MEDIUM,0.008500000461935997,false,,false,false,false,,,false,false,,2019-04-25T17:27:32.000Z,0