VAR-201904-1023
Vulnerability from variot - Updated: 2023-12-18 13:28In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers (includes CompactLogix GuardLogix controllers) v30.014 and earlier, an open redirect vulnerability could allow a remote unauthenticated attacker to input a malicious link to redirect users to a malicious site that could run or download arbitrary malware on the user’s machine. plural Rockwell Automation The product contains an open redirect vulnerability.Information may be obtained and information may be altered. Rockwell Automation MicroLogix 1400 Controllers Series A are all programmable logic controllers from Rockwell Automation. An input validation error vulnerability exists in several Rockwell Automation products that originated from a network system or product that did not properly validate the input data. An attacker exploiting a vulnerability can build a well-designed URI and entice a user to follow it. When a victim tracks a link, they may be redirected to an attacker-controlled site to aid in phishing attacks. Other attacks are possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-1023",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "micrologix 1400 a",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "*"
},
{
"model": "micrologix 1100",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "14.00"
},
{
"model": "compactlogix 5370 l2",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "30.014"
},
{
"model": "compactlogix 5370 l3",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "30.014"
},
{
"model": "compactlogix 5370 l1",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "30.014"
},
{
"model": "micrologix 1400 b",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "15.002"
},
{
"model": "automation micrologix controllers",
"scope": "eq",
"trust": 0.9,
"vendor": "rockwell",
"version": "110014.00"
},
{
"model": "automation compactlogix l3",
"scope": "eq",
"trust": 0.9,
"vendor": "rockwell",
"version": "537030.014"
},
{
"model": "automation compactlogix l2",
"scope": "eq",
"trust": 0.9,
"vendor": "rockwell",
"version": "537030.014"
},
{
"model": "automation compactlogix l1",
"scope": "eq",
"trust": 0.9,
"vendor": "rockwell",
"version": "537030.014"
},
{
"model": "compactlogix 5370 l1",
"scope": "lte",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "30.014"
},
{
"model": "compactlogix 5370 l2",
"scope": "lte",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "30.014"
},
{
"model": "compactlogix 5370 l3",
"scope": "lte",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "30.014"
},
{
"model": "micrologix 1100",
"scope": "lte",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "14.00"
},
{
"model": "micrologix 1400 a",
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": "micrologix 1400 b",
"scope": "lte",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "15.002"
},
{
"model": "automation micrologix controllers series b",
"scope": "eq",
"trust": 0.6,
"vendor": "rockwell",
"version": "140015.002"
},
{
"model": "automation micrologix controllers series a",
"scope": "eq",
"trust": 0.6,
"vendor": "rockwell",
"version": "1400"
},
{
"model": "automation micrologix controllers series b",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwall",
"version": "140015.002"
},
{
"model": "automation micrologix controllers series a",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwall",
"version": "14000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "micrologix 1400 a",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "micrologix 1400 b",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "micrologix 1100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "compactlogix 5370 l1",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "compactlogix 5370 l2",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "compactlogix 5370 l3",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
},
{
"db": "CNVD",
"id": "CNVD-2019-14396"
},
{
"db": "BID",
"id": "108049"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004245"
},
{
"db": "NVD",
"id": "CVE-2019-10955"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.002",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:rockwellautomation:micrologix_1400_a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:micrologix_1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:rockwellautomation:compactlogix_5370_l1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "30.014",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:compactlogix_5370_l1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:rockwellautomation:compactlogix_5370_l2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "30.014",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:compactlogix_5370_l2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:rockwellautomation:compactlogix_5370_l3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "30.014",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:compactlogix_5370_l3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10955"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Josiah Bryan and Geancarlo Palavicini,Josiah Bryan and Geancarlo Palavicini reported this vulnerability to NCCIC.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-1053"
}
],
"trust": 0.6
},
"cve": "CVE-2019-10955",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-10955",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-14396",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-142553",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2019-10955",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-10955",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2019-14396",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201904-1053",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-142553",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
},
{
"db": "CNVD",
"id": "CNVD-2019-14396"
},
{
"db": "VULHUB",
"id": "VHN-142553"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004245"
},
{
"db": "NVD",
"id": "CVE-2019-10955"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-1053"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers (includes CompactLogix GuardLogix controllers) v30.014 and earlier, an open redirect vulnerability could allow a remote unauthenticated attacker to input a malicious link to redirect users to a malicious site that could run or download arbitrary malware on the user\u2019s machine. plural Rockwell Automation The product contains an open redirect vulnerability.Information may be obtained and information may be altered. Rockwell Automation MicroLogix 1400 Controllers Series A are all programmable logic controllers from Rockwell Automation. An input validation error vulnerability exists in several Rockwell Automation products that originated from a network system or product that did not properly validate the input data. An attacker exploiting a vulnerability can build a well-designed URI and entice a user to follow it. When a victim tracks a link, they may be redirected to an attacker-controlled site to aid in phishing attacks. Other attacks are possible",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10955"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004245"
},
{
"db": "CNVD",
"id": "CNVD-2019-14396"
},
{
"db": "BID",
"id": "108049"
},
{
"db": "IVD",
"id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
},
{
"db": "VULHUB",
"id": "VHN-142553"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10955",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-19-113-01",
"trust": 3.4
},
{
"db": "BID",
"id": "108049",
"trust": 2.6
},
{
"db": "CNNVD",
"id": "CNNVD-201904-1053",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2019-14396",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004245",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.1385",
"trust": 0.6
},
{
"db": "IVD",
"id": "97035CB3-C916-4F33-BE89-AC33B1BBE2A3",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-142553",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
},
{
"db": "CNVD",
"id": "CNVD-2019-14396"
},
{
"db": "VULHUB",
"id": "VHN-142553"
},
{
"db": "BID",
"id": "108049"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004245"
},
{
"db": "NVD",
"id": "CVE-2019-10955"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-1053"
}
]
},
"id": "VAR-201904-1023",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
},
{
"db": "CNVD",
"id": "CNVD-2019-14396"
},
{
"db": "VULHUB",
"id": "VHN-142553"
}
],
"trust": 1.48571428
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
},
{
"db": "CNVD",
"id": "CNVD-2019-14396"
}
]
},
"last_update_date": "2023-12-18T13:28:36.813000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.rockwellautomation.com/site-selection.html"
},
{
"title": "Multiple Rockwell Automation products enter patches for validation error vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/161289"
},
{
"title": "Multiple Rockwell Automation Product input verification error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=91903"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14396"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004245"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-1053"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-601",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142553"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004245"
},
{
"db": "NVD",
"id": "CVE-2019-10955"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-113-01"
},
{
"trust": 1.7,
"url": "https://www.securityfocus.com/bid/108049"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10955"
},
{
"trust": 0.9,
"url": "https://www.rockwellautomation.com/en_in/overview.page"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10955"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/79558"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14396"
},
{
"db": "VULHUB",
"id": "VHN-142553"
},
{
"db": "BID",
"id": "108049"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004245"
},
{
"db": "NVD",
"id": "CVE-2019-10955"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-1053"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
},
{
"db": "CNVD",
"id": "CNVD-2019-14396"
},
{
"db": "VULHUB",
"id": "VHN-142553"
},
{
"db": "BID",
"id": "108049"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004245"
},
{
"db": "NVD",
"id": "CVE-2019-10955"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-1053"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-15T00:00:00",
"db": "IVD",
"id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
},
{
"date": "2019-05-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-14396"
},
{
"date": "2019-04-25T00:00:00",
"db": "VULHUB",
"id": "VHN-142553"
},
{
"date": "2019-04-23T00:00:00",
"db": "BID",
"id": "108049"
},
{
"date": "2019-05-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004245"
},
{
"date": "2019-04-25T18:29:00.397000",
"db": "NVD",
"id": "CVE-2019-10955"
},
{
"date": "2019-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-1053"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-14396"
},
{
"date": "2020-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-142553"
},
{
"date": "2019-04-23T00:00:00",
"db": "BID",
"id": "108049"
},
{
"date": "2019-05-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004245"
},
{
"date": "2020-02-10T21:49:28.683000",
"db": "NVD",
"id": "CVE-2019-10955"
},
{
"date": "2020-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-1053"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-1053"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Rockwell Automation Open redirect vulnerability in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004245"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation error",
"sources": [
{
"db": "IVD",
"id": "97035cb3-c916-4f33-be89-ac33b1bbe2a3"
},
{
"db": "BID",
"id": "108049"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-1053"
}
],
"trust": 1.1
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…