CVE-2014-0755

high

Description

Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/90981

http://www.securityfocus.com/bid/65337

http://osvdb.org/102858

http://ics-cert.us-cert.gov/advisories/ICSA-14-021-01

Details

Source: Mitre, NVD

Published: 2014-02-05

Updated: 2017-08-29

Risk Information

CVSS v2

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Severity: High

Detections

Analytics