CVE-2020-6984 Vulnerability Details

  /     /     /  

CVE-2020-6984 Metadata Quick Info

CVE Published: 16/03/2020 | CVE Updated: 04/08/2024 | CVE Year: 2020
Source: icscert | Vendor: n/a | Product: Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior
Status : PUBLISHED

---

CVE-2020-6984 Description

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-327
CWE Name: USE OF A BROKEN OR RISKY ALGORITHM FOR PASSWORD PROTECTION USE OF CLIENT-SIDE AUTHENTICATION CWE-327
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).