EUVD-2017-16872

Malware in sbrugna...

Predictable Value Range from Previous Values

Overview Affected versions of this package are vulnerable to Predictable Value Range from Previous Values via the boundary value, which uses Math.random. An attacker can manipulate HTTP request boundaries by exploiting predictable values, potentially leading to HTTP parameter pollution. Remediati...

Schneider Electric Modicon PLCs Insufficiently Protected Credentials (CVE-2017-6028)

An Insufficiently Protected Credentials issue was discovered in Schneider Electric Modicon PLCs Modicon M241, all firmware versions, and Modicon M251, all firmware versions. Log-in credentials are sent over the network with Base64 encoding leaving them susceptible to sniffing. Sniffed credentials...

Schneider Electric Modicon PLCs Predictable Value Range From Previous Values (CVE-2017-6030)

A predictable value range from previous values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The affected...

CVE-2022-22700

CyberArk Identity (versions up to 22.1) exposes the response header X-CFY-TX-TM in the StartAuthentication resource. In certain configurations this header contains predictable value ranges that can be used to infer whether a user exists in the tenant. The CVE is CVE-2022-22700; it is a header lea...

Rockwell Automation Allen-Bradley MicroLogix 1100 and 1400 Predictable Value Range From Previous Values (CVE-2017-7901)

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series...

Rockwellautomation 1763-l16awa Use of Insufficiently Random Values

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series...

Schneider Electric Modicon PLCs Predictable Value Range

Binary data 720116.prm...

Rockwell Automation/Allen-Bradley MicroLogix Controllers <= 16.00 Predictable Value Range

Binary data 720125.prm...

CVE-2017-7901

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series...

CVE-2017-6030

A predictable value range from previous values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The affected...

CVE-2017-7901

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series...

CVE-2017-6030 Schneider Electric Modicon PLCs Predictable Value Range from Previous Values

A predictable value range from previous values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The affected...

CVE-2017-6030

CVE-2017-6030 affects Schneider Electric Modicon PLCs (M221, M241, M251) with firmware versions prior to 1.5.0.0 (M221) and prior to 4.0.5.11 (M241/M251). The issue is a Predictable Value Range from Previous Values causing insufficiently random TCP initial sequence numbers, enabling an attacker t...

CVE-2017-7901

CVE-2017-7901 affects Rockwell Automation Allen-Bradley MicroLogix 1100 (1763-L16A.. series A/B, 16.00 and earlier) and MicroLogix 1400 (1766-L32A.. series A/B, 16.00 and earlier). Root cause: generation of insufficiently random TCP initial sequence numbers , enabling an attacker to predict numbe...

PT-2017-17982 · Rockwell Automation · Micrologix 1100 +1

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers versions 16.00 and prior Rockwell Automation Allen-Bradley MicroLogix 1400 programmable logic controllers versions 16.00 and prior Description: A Predictable Val...

Schneider Electric Modicon PLCs

CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Schneider Electric Equipment: Modicon PLCs Vulnerability: Predictable Value Range from Previous Values, Use of Insufficiently Random Values, Insufficiently Protected Credentials AFFECTED PRODUCTS The following version...