{"containers": {"cna": {"affected": [{"product": "MicroLogix 1400", "vendor": "Rockwell Automation", "versions": [{"lessThanOrEqual": "21.007", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "MicroLogix 1100", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "All versions"}]}], "credits": [{"lang": "en", "value": "Pawan V. Sable and Pranita Binnar from Veermata Jijabai Technological Institute (VJTI) reported this vulnerability to Rockwell Automation."}], "datePublic": "2022-07-19T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1021", "description": "CWE-1021", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-07-20T15:36:32.000Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994"}], "source": {"discovery": "EXTERNAL"}, "title": "ICSA-22-188-01 Rockwell Automation MicroLogix Improper Restriction of Rendered UI Layers or Frames", "workarounds": [{"lang": "en", "value": "Rockwell Automation encourages those using the affected software to implement the mitigations below to minimize risk. Additionally, Rockwell Automation encourages users to combine risk mitigations with security best practices (also provided below) to deploy a defense-in-depth strategy.\n\n Disable the web server where possible (this component is an optional feature and disabling it will not disrupt the intended use of the device).\n Configure firewalls to disallow network communication through HTTP/Port 80\n\nIf applying the mitigations noted above are not possible, please see Rockwell Automation\u2019s Knowledgebase article QA43240 Security Best Practices.\n\nFor more information, please see the industrial security advisory from Rockwell Automation."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "DATE_PUBLIC": "2022-07-19T20:09:00.000Z", "ID": "CVE-2022-2179", "STATE": "PUBLIC", "TITLE": "ICSA-22-188-01 Rockwell Automation MicroLogix Improper Restriction of Rendered UI Layers or Frames"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "MicroLogix 1400", "version": {"version_data": [{"version_affected": "<=", "version_value": "21.007"}]}}, {"product_name": "MicroLogix 1100", "version": {"version_data": [{"version_affected": "=", "version_value": "All versions"}]}}]}, "vendor_name": "Rockwell Automation"}]}}, "credit": [{"lang": "eng", "value": "Pawan V. Sable and Pranita Binnar from Veermata Jijabai Technological Institute (VJTI) reported this vulnerability to Rockwell Automation."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-1021"}]}]}, "references": {"reference_data": [{"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01", "refsource": "CONFIRM", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01"}, {"name": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994", "refsource": "CONFIRM", "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994"}]}, "source": {"discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "Rockwell Automation encourages those using the affected software to implement the mitigations below to minimize risk. Additionally, Rockwell Automation encourages users to combine risk mitigations with security best practices (also provided below) to deploy a defense-in-depth strategy.\n\n Disable the web server where possible (this component is an optional feature and disabling it will not disrupt the intended use of the device).\n Configure firewalls to disallow network communication through HTTP/Port 80\n\nIf applying the mitigations noted above are not possible, please see Rockwell Automation\u2019s Knowledgebase article QA43240 Security Best Practices.\n\nFor more information, please see the industrial security advisory from Rockwell Automation."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:32:07.933Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-16T15:51:04.270712Z", "id": "CVE-2022-2179", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-16T16:14:37.655Z"}}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2022-2179", "datePublished": "2022-07-20T15:36:33.007Z", "dateReserved": "2022-06-22T00:00:00.000Z", "dateUpdated": "2025-04-16T16:14:37.655Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:32:07.933Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-2179", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-16T15:51:04.270712Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-16T15:51:05.793Z"}}], "cna": {"title": "ICSA-22-188-01 Rockwell Automation MicroLogix Improper Restriction of Rendered UI Layers or Frames", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "value": "Pawan V. Sable and Pranita Binnar from Veermata Jijabai Technological Institute (VJTI) reported this vulnerability to Rockwell Automation."}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Rockwell Automation", "product": "MicroLogix 1400", "versions": [{"status": "affected", "version": "unspecified", "versionType": "custom", "lessThanOrEqual": "21.007"}]}, {"vendor": "Rockwell Automation", "product": "MicroLogix 1100", "versions": [{"status": "affected", "version": "All versions"}]}], "datePublic": "2022-07-19T00:00:00.000Z", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994", "tags": ["x_refsource_CONFIRM"]}], "workarounds": [{"lang": "en", "value": "Rockwell Automation encourages those using the affected software to implement the mitigations below to minimize risk. Additionally, Rockwell Automation encourages users to combine risk mitigations with security best practices (also provided below) to deploy a defense-in-depth strategy.\n\n Disable the web server where possible (this component is an optional feature and disabling it will not disrupt the intended use of the device).\n Configure firewalls to disallow network communication through HTTP/Port 80\n\nIf applying the mitigations noted above are not possible, please see Rockwell Automation\u2019s Knowledgebase article QA43240 Security Best Practices.\n\nFor more information, please see the industrial security advisory from Rockwell Automation."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "descriptions": [{"lang": "en", "value": "The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1021", "description": "CWE-1021"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2022-07-20T15:36:32.000Z"}, "x_legacyV4Record": {"credit": [{"lang": "eng", "value": "Pawan V. Sable and Pranita Binnar from Veermata Jijabai Technological Institute (VJTI) reported this vulnerability to Rockwell Automation."}], "impact": {"cvss": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, "source": {"discovery": "EXTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "21.007", "version_affected": "<="}]}, "product_name": "MicroLogix 1400"}, {"version": {"version_data": [{"version_value": "All versions", "version_affected": "="}]}, "product_name": "MicroLogix 1100"}]}, "vendor_name": "Rockwell Automation"}]}}, "data_type": "CVE", "generator": {"engine": "Vulnogram 0.0.9"}, "references": {"reference_data": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01", "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01", "refsource": "CONFIRM"}, {"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994", "name": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994", "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-1021"}]}]}, "work_around": [{"lang": "en", "value": "Rockwell Automation encourages those using the affected software to implement the mitigations below to minimize risk. Additionally, Rockwell Automation encourages users to combine risk mitigations with security best practices (also provided below) to deploy a defense-in-depth strategy.\n\n Disable the web server where possible (this component is an optional feature and disabling it will not disrupt the intended use of the device).\n Configure firewalls to disallow network communication through HTTP/Port 80\n\nIf applying the mitigations noted above are not possible, please see Rockwell Automation\u2019s Knowledgebase article QA43240 Security Best Practices.\n\nFor more information, please see the industrial security advisory from Rockwell Automation."}], "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-2179", "STATE": "PUBLIC", "TITLE": "ICSA-22-188-01 Rockwell Automation MicroLogix Improper Restriction of Rendered UI Layers or Frames", "ASSIGNER": "[email protected]", "DATE_PUBLIC": "2022-07-19T20:09:00.000Z"}}}}, "cveMetadata": {"cveId": "CVE-2022-2179", "state": "PUBLISHED", "dateUpdated": "2025-04-16T16:14:37.655Z", "dateReserved": "2022-06-22T00:00:00.000Z", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "datePublished": "2022-07-20T15:36:33.007Z", "assignerShortName": "icscert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5252A0C-A923-4BA0-A857-9BF21F8BF79B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:micrologix_1100:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA42C7F4-EEC1-44D2-BD46-237969FF6E1A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A358F0EC-45CC-4BF4-8DF0-DD43556D1BE6", "versionEndIncluding": "21.007", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*", "matchCriteriaId": "196EA0BE-FDF3-46BE-B3DA-5F49208C5D80", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks."}, {"lang": "es", "value": "El encabezado X-Frame-Options en Rockwell Automation MicroLogix 1100/1400 Versiones 21.007 y anteriores, no est\u00e1 configurado en la respuesta HTTP, lo que podr\u00eda permitir ataques de clickjacking"}], "id": "CVE-2022-2179", "lastModified": "2024-11-21T07:00:29.217", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}]}, "published": "2022-07-20T16:15:09.030", "references": [{"source": "[email protected]", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994"}, {"source": "[email protected]", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1021"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-1021"}], "source": "[email protected]", "type": "Primary"}]}

{}