Lucene search
HistoryOct 28, 2015 - 10:59 a.m.
CVE-2015-6486
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.9 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
20.2%
SQL injection vulnerability on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Affected configurations
Node
rockwellautomationmicrologix_1100_firmwareRange≤14.000
ORrockwellautomationmicrologix_1400_firmwareRange≤15.002
Related
cve
cve
CVE-2015-6486
2015-10-28 10:59:11
prion
prion
Sql injection
2015-10-28 10:59:00
ptsecurity
ptsecurity
nessus
nessus
Rockwell MicroLogix SQL Injection (CVE-2015-6486)
2022-02-07 00:00:00
Rockwellautomation Micrologix Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
2019-11-08 00:00:00
MicroLogix 1400 PLC Web Server Multiple Vulnerabilities
2016-05-31 00:00:00
cvelist
cvelist
CVE-2015-6486
2015-10-28 10:00:00
ics
ics
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.9 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
20.2%
Related for NVD:CVE-2015-6486