Vulnerability Description
The web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to obtain "internal web page information" and "internal information about the module" via unspecified vectors. NOTE: this may overlap CVE-2002-1603.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rockwellautomation | Controllogix 1756-Enbt\/A Ethernet\/ Ip Bridge | - |
Related Weaknesses (CWE)
References
- http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduseVendor Advisory
- http://secunia.com/advisories/33783
- http://www.kb.cert.org/vuls/id/124059US Government Resource
- http://www.kb.cert.org/vuls/id/RGII-7MWKZ3
- http://www.vupen.com/english/advisories/2009/0347
- http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduseVendor Advisory
- http://secunia.com/advisories/33783
- http://www.kb.cert.org/vuls/id/124059US Government Resource
- http://www.kb.cert.org/vuls/id/RGII-7MWKZ3
- http://www.vupen.com/english/advisories/2009/0347
FAQ
What is CVE-2009-0474?
CVE-2009-0474 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to obtain "internal web page information" and "internal information about the mo...
How severe is CVE-2009-0474?
CVE-2009-0474 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0474?
Check the references section above for vendor advisories and patch information. Affected products include: Rockwellautomation Controllogix 1756-Enbt\/A Ethernet\/ Ip Bridge.