Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2019-10955

UNKNOWN
Published 2019-04-25T17:27:32
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2019-10955. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers (includes CompactLogix GuardLogix controllers) v30.014 and earlier, an open redirect vulnerability could allow a remote unauthenticated attacker to input a malicious link to redirect users to a malicious site that could run or download arbitrary malware on the user’s machine.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Rockwell Automation

MicroLogix 1400 Controllers

Affected Versions:

Series A All Versions Series B v15.002 and earlier
Rockwell Automation

MicroLogix 1100 Controllers

Affected Versions:

v14.00 and earlier
Rockwell Automation

CompactLogix 5370 L1 controllers

Affected Versions:

v30.014 and earlier
Rockwell Automation

CompactLogix 5370 L2 controllers

Affected Versions:

v30.014 and earlier
Rockwell Automation

CompactLogix 5370 L3 controllers

Affected Versions:

v30.014 and earlier

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-vm5j-x654-r2ww

Advisory Details

In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers (includes CompactLogix GuardLogix controllers) v30.014 and earlier, an open redirect vulnerability could allow a remote unauthenticated attacker to input a malicious link to redirect users to a malicious site that could run or download arbitrary malware on the user?s machine.

CVSS Scoring

CVSS Score

5.0

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2019-10955
WEB https://ics-cert.us-cert.gov/advisories/ICSA-19-113-01
WEB https://www.securityfocus.com/bid/108049

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: May 24, 2022

References

https://ics-cert.us-cert.gov/advisories/ICSA-19-113-01
https://www.securityfocus.com/bid/108049
Published: 2019-04-25T17:27:32
Last Modified: 2024-08-04T22:40:15.190Z
Copied to clipboard!