CVE-2019-10955

25.04.2019, 18:29

In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers (includes CompactLogix GuardLogix controllers) v30.014 and earlier, an open redirect vulnerability could allow a remote unauthenticated attacker to input a malicious link to redirect users to a malicious site that could run or download arbitrary malware on the users machine.

Open Redirect

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.1 MEDIUM	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
icscert	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 85%

Vendor	Product	Version
rockwellautomation	micrologix_1400_a_firmware	*
rockwellautomation	micrologix_1400_b_firmware	𝑥 ≤ 15.002
rockwellautomation	micrologix_1100_firmware	𝑥 ≤ 14.00
rockwellautomation	compactlogix_5370_l1_firmware	𝑥 ≤ 30.014
rockwellautomation	compactlogix_5370_l2_firmware	𝑥 ≤ 30.014
rockwellautomation	compactlogix_5370_l3_firmware	𝑥 ≤ 30.014

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.

References

https://ics-cert.us-cert.gov/advisories/ICSA-19-113-01

https://www.securityfocus.com/bid/108049

https://ics-cert.us-cert.gov/advisories/ICSA-19-113-01

https://www.securityfocus.com/bid/108049