Rockwell Automation ControlLogix controllers Improper Authentication (CVE-2012-6440)

The web-server password-authentication functionality in Rockwell Automation MicroLogix 1100 and 1400 allows man-in-the-middle attackers to conduct replay attacks via HTTP traffic. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVE-2012-6440

The Web server password authentication mechanism used by the products is vulnerable to a MitM and Replay attack. Successful exploitation of this vulnerability will allow unauthorized access of the product’s Web server to view and alter product configuration and diagnostics information. Rockwell...

CVE-2012-6440 Rockwell Automation ControlLogix PLC Improper Input Validation

The Web server password authentication mechanism used by the products is vulnerable to a MitM and Replay attack. Successful exploitation of this vulnerability will allow unauthorized access of the product’s Web server to view and alter product configuration and diagnostics information. Rockwell...

CVE-2012-6440

CVE-2012-6440 affects Rockwell Automation EtherNet/IP products (e.g., 1756-ENBT/EWEB, 1768-ENBT/EWEB, CompactLogix L32E/L35E, 1788-ENBT, 1794-AENTR, MicroLogix 1100/1400, and pre‑20x controllers). The vulnerability arises from the Web server password authentication mechanism, enabling MitM and Re...