CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-32926

When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller (Micro800: All versions, MicroLogix 1400: Version 21 and later) causing a denial-of-service condition

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 23.9%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2021-32926

Rockwellautomation » Micro800 » Version: N/A

cpe:2.3:h:rockwellautomation:micro800:-
Rockwellautomation » Micrologix 1400 » Version: N/A

cpe:2.3:h:rockwellautomation:micrologix_1400:-
Rockwellautomation » Micro800 Firmware » Version: N/A

cpe:2.3:o:rockwellautomation:micro800_firmware:-
Rockwellautomation » Micrologix 1400 Firmware » Version: 21.0

cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:21.0
Rockwellautomation » Micrologix 1400 Firmware » Version: 21.007

cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:21.007
Rockwellautomation » Micrologix 1400 Firmware » Version: 21.6

cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:21.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-32926

Products

Pricing

Contact Us