Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SCADA_ROCKWELL_MICROLOGIX_1100_PLC_MITM_470156.NBIN
HistoryJul 07, 2015 - 12:00 a.m.

Rockwell Automation MicroLogix 1100 PLC < Series B FRN 12.0 MitM Replay Authentication Bypass

2015-07-0700:00:00
This script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
JSON

The Rockwell Automation MicroLogix 1100 PLC integrated web server has a firmware version that is prior to Series B FRN 12.0. It is, therefore, affected by an authentication bypass vulnerability due to a failure to properly restrict session replays. A man-in-the-middle attacker via HTTP traffic can use a session replay attack to bypass the web server’s authentication mechanism.

Note that Nessus has not attempted to exploit this issue but has instead relied only on the self-reported version number.

Binary data scada_rockwell_micrologix_1100_plc_mitm_470156.nbin
VendorProductVersionCPE
rockwellautomationmicrologix1100cpe:/a:rockwellautomation:micrologix:1100
JSON