Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2016-2279

Published: 02/03/2016 Updated: 23/05/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Compactlogix 1769-l16er-bb1b Firmware

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in the web server in Rockwell Automation Allen-Bradley CompactLogix 1769-L* prior to 28.011+ allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

rockwellautomation compactlogix_1769-l16er-bb1b_firmware

rockwellautomation compactlogix_1769-l18er-bb1b_firmware

rockwellautomation compactlogix_1769-l18erm-bb1b_firmware

rockwellautomation compactlogix_1769-l24er-qb1b_firmware

rockwellautomation compactlogix_1769-l24er-qbfc1b_firmware

rockwellautomation compactlogix_1769-l27erm-qbfc1b_firmware

rockwellautomation compactlogix_1769-l30er_firmware

rockwellautomation compactlogix_1769-l30erm_firmware

rockwellautomation compactlogix_1769-l30er-nse_firmware

rockwellautomation compactlogix_1769-l33er_firmware

rockwellautomation compactlogix_1769-l33erm_firmware

rockwellautomation compactlogix_1769-l36erm_firmware

rockwellautomation compactlogix_1769-l23e-qb1b_firmware

rockwellautomation compactlogix_1769-l23e-qbfc1b_firmware

rockwellautomation compactlogix_1756-en2f_series_a_firmware

rockwellautomation compactlogix_1756-en2f_series_b_firmware

rockwellautomation compactlogix_1756-en2t_series_a_firmware

rockwellautomation compactlogix_1756-en2t_series_b_firmware

rockwellautomation compactlogix_1756-en2t_series_c_firmware

rockwellautomation compactlogix_1756-en2t_series_d_firmware

rockwellautomation compactlogix_1756-en2tr_series_a_firmware

rockwellautomation compactlogix_1756-en2tr_series_b_firmware

rockwellautomation compactlogix_1756-en3tr_series_a_firmware

Exploits

Exploit DB: Rockwell Scada System 27.011 - Cross-Site Scripting
# Exploit Title: Rockwell Scada System - Cross-Site Scripting # Date: 2018-05-16 # Exploit Author: t4rkd3vilz # Vendor Homepage: rockwellautomationcom/ # Software Link: compatibilityrockwellautomationcom/Pages/MultiProductDownloadaspx?famID=4 # Version: 1769-L16ER-BB1B, Version 27011 and earlier, 1769-L18ER-BB1B, Version 27011 ...
Exploit DB: Rockwell Scada System 27.011 Cross Site Scripting
Rockwell Scada System version 27011 suffers from a cross site scripting vulnerability ...

References

CWE-79https://ics-cert.us-cert.gov/advisories/ICSA-16-061-02http://www.securitytracker.com/id/1035190https://www.exploit-db.com/exploits/44626/https://nvd.nist.govhttps://www.exploit-db.com/exploits/44626/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook