← Back

CVE-2014-0755

nvd nist
Published: Feb 5, 2014Modified: Apr 29, 2026

JSON object

Loading...
6.9
Vector
AV:L/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 3.4 / Impact: 10.0
Source: NVD

Description

Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors.

Affected (4)

Rockwellautomation
1 product
Rslogix 5000 Design And Configuration Software
Configuration A
4 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rslogix 5000 Design And Configuration Software
Version 18.0
Rslogix 5000 Design And Configuration Software
Version 20.01
Rslogix 5000 Design And Configuration Software
Version 21.0
Rslogix 5000 Design And Configuration Software
Version 7.0
Running on/withPlatform Versions
Rockwellautomation
Logix 5000 Controller
All versions

Related CWEs

CWE-255
CWE-255
CWE-522
Insufficiently Protected Credentials
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References (9)

Source: ics-cert@hq.dhs.gov
Source: ics-cert@hq.dhs.gov
Source: ics-cert@hq.dhs.gov
Source: ics-cert@hq.dhs.gov
Source: ics-cert@hq.dhs.gov
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.