var-201904-1023
Vulnerability from variot

In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers (includes CompactLogix GuardLogix controllers) v30.014 and earlier, an open redirect vulnerability could allow a remote unauthenticated attacker to input a malicious link to redirect users to a malicious site that could run or download arbitrary malware on the user’s machine. plural Rockwell Automation The product contains an open redirect vulnerability.Information may be obtained and information may be altered. Rockwell Automation MicroLogix 1400 Controllers Series A are all programmable logic controllers from Rockwell Automation. An input validation error vulnerability exists in several Rockwell Automation products that originated from a network system or product that did not properly validate the input data. An attacker exploiting a vulnerability can build a well-designed URI and entice a user to follow it. When a victim tracks a link, they may be redirected to an attacker-controlled site to aid in phishing attacks. Other attacks are possible

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201904-1023",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "micrologix 1400 a",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "*"
      },
      {
        "model": "micrologix 1100",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "14.00"
      },
      {
        "model": "compactlogix 5370 l2",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "30.014"
      },
      {
        "model": "compactlogix 5370 l3",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "30.014"
      },
      {
        "model": "compactlogix 5370 l1",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "30.014"
      },
      {
        "model": "micrologix 1400 b",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "15.002"
      },
      {
        "model": "automation micrologix controllers",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "rockwell",
        "version": "110014.00"
      },
      {
        "model": "automation compactlogix l3",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "rockwell",
        "version": "537030.014"
      },
      {
        "model": "automation compactlogix l2",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "rockwell",
        "version": "537030.014"
      },
      {
        "model": "automation compactlogix l1",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "rockwell",
        "version": "537030.014"
      },
      {
        "model": "compactlogix 5370 l1",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "30.014"
      },
      {
        "model": "compactlogix 5370 l2",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "30.014"
      },
      {
        "model": "compactlogix 5370 l3",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "30.014"
      },
      {
        "model": "micrologix 1100",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "14.00"
      },
      {
        "model": "micrologix 1400 a",
        "scope": null,
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": null
      },
      {
        "model": "micrologix 1400 b",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "15.002"
      },
      {
        "model": "automation micrologix controllers series b",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "140015.002"
      },
      {
        "model": "automation micrologix controllers series a",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "1400"
      },
      {
        "model": "automation micrologix controllers series b",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "rockwall",
        "version": "140015.002"
      },
      {
        "model": "automation micrologix controllers series a",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "rockwall",
        "version": "14000"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "micrologix 1400 a",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "micrologix 1400 b",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "micrologix 1100",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "compactlogix 5370 l1",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "compactlogix 5370 l2",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "compactlogix 5370 l3",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14396"
      },
      {
        "db": "BID",
        "id": "108049"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004245"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10955"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.002",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:rockwellautomation:micrologix_1400_a_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.00",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:micrologix_1100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:rockwellautomation:compactlogix_5370_l1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "30.014",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:compactlogix_5370_l1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:rockwellautomation:compactlogix_5370_l2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "30.014",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:compactlogix_5370_l2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:rockwellautomation:compactlogix_5370_l3_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "30.014",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:compactlogix_5370_l3:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10955"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Josiah Bryan and Geancarlo Palavicini,Josiah Bryan and Geancarlo Palavicini reported this vulnerability to NCCIC.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1053"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-10955",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.8,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2019-10955",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2019-14396",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-142553",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.8,
            "impactScore": 2.7,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 6.1,
            "baseSeverity": "Medium",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "CVE-2019-10955",
            "impactScore": null,
            "integrityImpact": "Low",
            "privilegesRequired": "None",
            "scope": "Changed",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2019-10955",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-14396",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201904-1053",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142553",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14396"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142553"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004245"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10955"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1053"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers (includes CompactLogix GuardLogix controllers) v30.014 and earlier, an open redirect vulnerability could allow a remote unauthenticated attacker to input a malicious link to redirect users to a malicious site that could run or download arbitrary malware on the user\u2019s machine. plural Rockwell Automation The product contains an open redirect vulnerability.Information may be obtained and information may be altered. Rockwell Automation MicroLogix 1400 Controllers Series A are all programmable logic controllers from Rockwell Automation. An input validation error vulnerability exists in several Rockwell Automation products that originated from a network system or product that did not properly validate the input data. An attacker exploiting a vulnerability can build a well-designed URI and entice a user to follow it. When a victim tracks a link, they may be redirected to an attacker-controlled site to aid in phishing attacks. Other attacks are possible",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10955"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004245"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14396"
      },
      {
        "db": "BID",
        "id": "108049"
      },
      {
        "db": "IVD",
        "id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142553"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10955",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-113-01",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "108049",
        "trust": 2.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1053",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14396",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004245",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1385",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "97035CB3-C916-4F33-BE89-AC33B1BBE2A3",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-142553",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14396"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142553"
      },
      {
        "db": "BID",
        "id": "108049"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004245"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10955"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1053"
      }
    ]
  },
  "id": "VAR-201904-1023",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14396"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142553"
      }
    ],
    "trust": 1.48571428
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14396"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:28:36.813000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "https://www.rockwellautomation.com/site-selection.html"
      },
      {
        "title": "Multiple Rockwell Automation products enter patches for validation error vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/161289"
      },
      {
        "title": "Multiple Rockwell Automation Product input verification error vulnerability fixes",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=91903"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-14396"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004245"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1053"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-601",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142553"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004245"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10955"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.4,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-113-01"
      },
      {
        "trust": 1.7,
        "url": "https://www.securityfocus.com/bid/108049"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10955"
      },
      {
        "trust": 0.9,
        "url": "https://www.rockwellautomation.com/en_in/overview.page"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10955"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/79558"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-14396"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142553"
      },
      {
        "db": "BID",
        "id": "108049"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004245"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10955"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1053"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14396"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142553"
      },
      {
        "db": "BID",
        "id": "108049"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004245"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10955"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1053"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-15T00:00:00",
        "db": "IVD",
        "id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
      },
      {
        "date": "2019-05-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14396"
      },
      {
        "date": "2019-04-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142553"
      },
      {
        "date": "2019-04-23T00:00:00",
        "db": "BID",
        "id": "108049"
      },
      {
        "date": "2019-05-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004245"
      },
      {
        "date": "2019-04-25T18:29:00.397000",
        "db": "NVD",
        "id": "CVE-2019-10955"
      },
      {
        "date": "2019-04-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201904-1053"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14396"
      },
      {
        "date": "2020-02-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142553"
      },
      {
        "date": "2019-04-23T00:00:00",
        "db": "BID",
        "id": "108049"
      },
      {
        "date": "2019-05-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004245"
      },
      {
        "date": "2020-02-10T21:49:28.683000",
        "db": "NVD",
        "id": "CVE-2019-10955"
      },
      {
        "date": "2020-02-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201904-1053"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1053"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Rockwell Automation Open redirect vulnerability in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004245"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation error",
    "sources": [
      {
        "db": "IVD",
        "id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
      },
      {
        "db": "BID",
        "id": "108049"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1053"
      }
    ],
    "trust": 1.1
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.