Rockwell Automation 1756-ENBT/A Open Redirect

Medium severity: Nessus Network Monitor Plugin ID 720207

Synopsis

Rockwell Automation 1756-ENBT/A allows a remote attacker to redirect users to arbitrary web sites via unspecified vectors.

Description

Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Solution

Perform vendor-recommended mitigations and apply available vendor upgrades.

See Also

http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=57729

Plugin Details

Severity: Medium

ID: 720207

Family: SCADA

Published: 5/8/2019

Updated: 9/30/2019

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

Patch Publication Date: 2/6/2009

Vulnerability Publication Date: 2/6/2009

Reference Information

CVE: CVE-2009-0473

BID: 33636