Vulnerability Details CVE-2016-9334
An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14.000 and prior versions; and 1763-L16DWD, Series A and B, Version 14.000 and prior versions. User credentials are sent to the web server in clear text, which may allow an attacker to discover the credentials if they are able to observe traffic between the web browser and the server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.8%
CVSS Severity
CVSS v3 Score 7.3
CVSS v2 Score 5.0
References
Products affected by CVE-2016-9334
-
cpe:2.3:a:rockwellautomation:1763-l16awa_series_a:14.000
-
cpe:2.3:a:rockwellautomation:1763-l16awa_series_b:14.000
-
cpe:2.3:a:rockwellautomation:1763-l16bbb_series_a:14.000
-
cpe:2.3:a:rockwellautomation:1763-l16bbb_series_b:14.000
-
cpe:2.3:a:rockwellautomation:1763-l16bwa_series_a:14.000
-
cpe:2.3:a:rockwellautomation:1763-l16bwa_series_b:14.000
-
cpe:2.3:a:rockwellautomation:1763-l16dwd_series_a:14.000
-
cpe:2.3:a:rockwellautomation:1763-l16dwd_series_b:14.000
-
cpe:2.3:a:rockwellautomation:1766-l32awa_series_a:15.004
-
cpe:2.3:a:rockwellautomation:1766-l32awa_series_b:15.004
-
cpe:2.3:a:rockwellautomation:1766-l32awaa_series_a:15.004
-
cpe:2.3:a:rockwellautomation:1766-l32awaa_series_b:15.004
-
cpe:2.3:a:rockwellautomation:1766-l32bwa_series_a:15.004
-
cpe:2.3:a:rockwellautomation:1766-l32bwa_series_b:15.004
-
cpe:2.3:a:rockwellautomation:1766-l32bwaa_series_a:15.004
-
cpe:2.3:a:rockwellautomation:1766-l32bwaa_series_b:15.004
-
cpe:2.3:a:rockwellautomation:1766-l32bxb_series_a:15.004
-
cpe:2.3:a:rockwellautomation:1766-l32bxb_series_b:15.004
-
cpe:2.3:a:rockwellautomation:1766-l32bxba_series_a:15.004
-
cpe:2.3:a:rockwellautomation:1766-l32bxba_series_b:15.004