Unrated severityNVD Advisory· Published Oct 28, 2015· Updated Jun 17, 2026
CVE-2015-6488
CVE-2015-6488
Description
Cross-site scripting (XSS) vulnerability in the web server on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected products
3cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:*:*:*:*:*:*:*:*range: <=14.000
- cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:*:*:*:*:*:*:*:*range: <=15.002
- Range: MicroLogix 1100 < B FRN 15.000; MicroLogix 1400 < B FRN 15.003
Patches
Vulnerability mechanics
References
1- ics-cert.us-cert.gov/advisories/ICSA-15-300-03nvdPatchThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.