Lucene search
HistoryOct 06, 2015 - 1:59 a.m.
CVE-2015-0987
cve-2015-0987
omron cx-one
cx-programmer
plc
cleartext password transmission
remote attackers
sensitive information
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
66.0%
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive information by sniffing the network during a PLC unlock request.
Affected configurations
Node
omroncx-programmerRange≤9.5
ORomroncj2h_plcRange≤1.4
ORomroncj2m_plcRange≤2.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| omron:cx-programmer | omron cx-programmer | le | 9.5 |
| omron:cj2h_plc | omron cj2h plc | le | 1.4 |
| omron:cj2m_plc | omron cj2m plc | le | 2.0 |
Related
nessus
nessus
nvd
nvd
CVE-2015-0987
2015-10-06 01:59:03
prion
prion
Design/Logic Flaw
2015-10-06 01:59:00
cvelist
cvelist
CVE-2015-0987
2015-10-03 10:00:00
ics
ics
Omron Multiple Product Vulnerabilities
2019-01-31 12:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
66.0%
Related for CVE-2015-0987