Vulnerability Description
Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rockwellautomation | Controllogix 1756-Enbt\/A Ethernet\/ Ip Bridge | - |
Related Weaknesses (CWE)
References
- http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduseVendor Advisory
- http://secunia.com/advisories/33783
- http://www.kb.cert.org/vuls/id/619499US Government Resource
- http://www.securityfocus.com/bid/33636
- http://www.vupen.com/english/advisories/2009/0347
- http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduseVendor Advisory
- http://secunia.com/advisories/33783
- http://www.kb.cert.org/vuls/id/619499US Government Resource
- http://www.securityfocus.com/bid/33636
- http://www.vupen.com/english/advisories/2009/0347
FAQ
What is CVE-2009-0473?
CVE-2009-0473 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to redirect users to arbitrary web sites and cond...
How severe is CVE-2009-0473?
CVE-2009-0473 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0473?
Check the references section above for vendor advisories and patch information. Affected products include: Rockwellautomation Controllogix 1756-Enbt\/A Ethernet\/ Ip Bridge.