A cross-site request forgery security issue exists in the product and version listed. The vulnerability stems from missing CSRF checks on the impacted form. This allows for unintended configuration modification if an attacker can convince a logged in admin to visit a crafted link.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XRockwellautomation 1783 Natr
HWRockwellautomationwszystkie wersjeRockwellautomation 1783 Natr Firmware
OSRockwellautomation< 1.007
Related vulnerabilities
Brak uwierzytelnienia w krytycznych funkcjach Rockwell Automation 1783-NATR
A Stored Cross-Site Scripting security issue exists in the affected product that could potentially allow a mal...
Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in...
Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 ...
Słabe szyfrowanie haseł w Rockwell Automation FactoryTalk AssetCentre