VYPR
Unrated severityNVD Advisory· Published Oct 28, 2015· Updated Jun 17, 2026

CVE-2015-6488

CVE-2015-6488

Description

Cross-site scripting (XSS) vulnerability in the web server on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected products

3
  • cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:*:*:*:*:*:*:*:*range: <=14.000
    • cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:*:*:*:*:*:*:*:*range: <=15.002
  • Range: MicroLogix 1100 < B FRN 15.000; MicroLogix 1400 < B FRN 15.003

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.