CVE-2016-2279
02.03.2016, 11:59
Cross-site scripting (XSS) vulnerability in the web server in Rockwell Automation Allen-Bradley CompactLogix 1769-L* before 28.011+ allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
| Vendor | Product | Version |
|---|---|---|
| rockwellautomation | compactlogix_1769-l16er-bb1b_firmware | 𝑥 ≤ 27.011 |
| rockwellautomation | compactlogix_1769-l18er-bb1b_firmware | 𝑥 ≤ 27.011 |
| rockwellautomation | compactlogix_1769-l18erm-bb1b_firmware | 𝑥 ≤ 27.011 |
| rockwellautomation | compactlogix_1769-l24er-qb1b_firmware | 𝑥 ≤ 27.011 |
| rockwellautomation | compactlogix_1769-l24er-qbfc1b_firmware | 𝑥 ≤ 27.011 |
| rockwellautomation | compactlogix_1769-l27erm-qbfc1b_firmware | 𝑥 ≤ 27.011 |
| rockwellautomation | compactlogix_1769-l30er_firmware | 𝑥 ≤ 27.011 |
| rockwellautomation | compactlogix_1769-l30erm_firmware | 𝑥 ≤ 27.011 |
| rockwellautomation | compactlogix_1769-l30er-nse_firmware | 𝑥 ≤ 27.011 |
| rockwellautomation | compactlogix_1769-l33er_firmware | 𝑥 ≤ 27.011 |
| rockwellautomation | compactlogix_1769-l33erm_firmware | 𝑥 ≤ 27.011 |
| rockwellautomation | compactlogix_1769-l36erm_firmware | 𝑥 ≤ 27.011 |
| rockwellautomation | compactlogix_1769-l23e-qb1b_firmware | 𝑥 ≤ 20.018 |
| rockwellautomation | compactlogix_1769-l23e-qbfc1b_firmware | 𝑥 ≤ 20.018 |
| rockwellautomation | compactlogix_1756-en2f_series_a_firmware | * |
| rockwellautomation | compactlogix_1756-en2f_series_b_firmware | * |
| rockwellautomation | compactlogix_1756-en2t_series_a_firmware | * |
| rockwellautomation | compactlogix_1756-en2t_series_b_firmware | * |
| rockwellautomation | compactlogix_1756-en2t_series_c_firmware | * |
| rockwellautomation | compactlogix_1756-en2t_series_d_firmware | 𝑥 ≤ 10.007 |
| rockwellautomation | compactlogix_1756-en2tr_series_a_firmware | * |
| rockwellautomation | compactlogix_1756-en2tr_series_b_firmware | * |
| rockwellautomation | compactlogix_1756-en3tr_series_a_firmware | * |
𝑥
= Vulnerable software versions