← Voltar para CVEs
CVE-2014-0755
N/ADescricao
Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado2/5/2014
Ultima modificacao4/29/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
rockwellautomation:logix_5000_controllerrockwellautomation:rslogix_5000_design_and_configuration_software
Fraquezas (CWE)
CWE-522CWE-255
Referencias
http://osvdb.org/102858(ics-cert@hq.dhs.gov)
http://www.securityfocus.com/bid/65337(ics-cert@hq.dhs.gov)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90981(ics-cert@hq.dhs.gov)
https://rockwellautomation.custhelp.com/app/answers/detail/a_id/565204(ics-cert@hq.dhs.gov)
https://www.cisa.gov/news-events/ics-advisories/icsa-14-021-01(ics-cert@hq.dhs.gov)
http://ics-cert.us-cert.gov/advisories/ICSA-14-021-01(af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/102858(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/65337(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90981(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.