Detections
Analytics
Rockwell Automation/Allen-Bradley Multiple Devices Cleartext Transmission
high Nessus Network Monitor Plugin ID 720095
Synopsis
An issue was discovered in Rockwell Automation Allen-Bradley controllers where user credentials are send to the web server in cleartext.Description
An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14.000 and prior versions; and 1763-L16DWD, Series A and B, Version 14.000 and prior versions. User credentials are sent to the web server in clear text, which may allow an attacker to discover the credentials if they are able to observe traffic between the web browser and the server.Solution
Perform vendor recommended mitigations and apply available vendor upgrades.See Also
http://www.securityfocus.com/bid/95302,https://ics-cert.us-cert.gov/advisories/ICSA-16-336-06
Plugin Details
Severity: High
ID: 720095
Family: SCADA
Published: 5/8/2019
Updated: 9/30/2019
Risk Information
VPR
Risk Factor: Low
Score: 3.4
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS v3
Risk Factor: High
Base Score: 7.3
Temporal Score: 6.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
Patch Publication Date: 1/5/2017
Vulnerability Publication Date: 1/5/2017
Reference Information
CVE: CVE-2016-9334
BID: 95302