{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T10:05:27.410","vulnerabilities":[{"cve":{"id":"CVE-2016-9338","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2017-02-13T21:59:01.627","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14.000 and prior versions; and 1763-L16DWD, Series A and B, Version 14.000 and prior versions. Because of an Incorrect Permission Assignment for Critical Resource, users with administrator privileges may be able to remove all administrative users requiring a factory reset to restore ancillary web server function. Exploitation of this vulnerability will still allow the affected device to function in its capacity as a controller."},{"lang":"es","value":"Ha sido descubierto un problema en controlador Rockwell Automation Allen-Bradley MicroLogix 1100, 1763-L16AWA, Serie A y B, Versión 14.000 y versiones anteriores; 1763-L16BBB, Serie A y B, Versión 14.000 y versiones anteriores; 1763-L16BWA, Serie A y B, Versión 14.000 y versiones anteriores; y 1763-L16DWD, Serie A y B, Versión 14.000 y versiones anteriores. Debido a una asignación de permisos incorrecta para recursos críticos, los usuarios con privilegios de administrador pueden eliminar todos los usuarios administrativos requiriéndose un restablecimiento de fábrica para restaurar la función del servidor web auxiliar. La explotación de esta vulnerabilidad seguirá permitiendo que el dispositivo afectado funcione en su capacidad como controlador."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:P","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16awa_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"14.000","matchCriteriaId":"F7434A56-A11C-4362-A806-ECC05EF81EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16awa_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"14.000","matchCriteriaId":"E55698D3-601A-48E4-AD5A-C42AA32A02DC"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16bbb_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"14.000","matchCriteriaId":"8FBC09CC-AD8C-4412-90B0-1E798B56C4F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16bbb_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"14.000","matchCriteriaId":"58265FCD-55B4-4E9C-8A02-9702B8ED5E4C"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16bwa_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"14.000","matchCriteriaId":"A719DAFD-8BA2-4E56-AC78-60C2D9FCBAA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16bwa_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"14.000","matchCriteriaId":"530BB796-C178-49C1-ADF7-7B34E9FD6ED8"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16dwd_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"14.000","matchCriteriaId":"C6D6A13D-69AC-431B-9E12-BDB6523BB49D"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16dwd_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"14.000","matchCriteriaId":"D38291EC-779A-461C-971B-09A52C2FB668"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32awa_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"15.004","matchCriteriaId":"44A021E4-B93B-4AA0-B7E7-A69F86666D24"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32awa_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"15.004","matchCriteriaId":"FCE93E4A-C845-4B29-B09E-DA5EC4F22EC2"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32awaa_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"15.004","matchCriteriaId":"CE5F717B-487B-473F-BD50-0DE76CAFD6B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32awaa_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"15.004","matchCriteriaId":"AEB0FCA4-C3D7-46CC-9D4A-C7FE8B7D25C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bwa_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"15.004","matchCriteriaId":"55708721-9FAF-4778-95AE-C51FAF42E234"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bwa_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"15.004","matchCriteriaId":"7E6A9C27-E079-43CD-A348-C257AD1B2C9B"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bwaa_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"15.004","matchCriteriaId":"A2830F25-7489-4B96-8750-8E187BA155A8"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bwaa_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"15.004","matchCriteriaId":"391B81A5-A3BB-44FD-9849-2D9FC0A004EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bxb_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"15.004","matchCriteriaId":"AACFCF1B-5FD4-451E-94F9-FFE6CA3427DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bxb_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"15.004","matchCriteriaId":"31BCB97C-9F7C-47C7-832E-2EAA7B841CA2"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bxba_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"15.004","matchCriteriaId":"93282079-80A2-4CDF-9EF8-D9EEBAC1D238"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bxba_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"15.004","matchCriteriaId":"D4F5D81D-62BA-4655-8FB1-43BC0FF3288B"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/95302","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-16-336-06","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"http://www.securityfocus.com/bid/95302","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-16-336-06","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}],"evaluatorComment":"<a href=\"http://cwe.mitre.org/data/definitions/732.html\">CWE-732: Incorrect Permission Assignment for Critical Resource</a>"}}]}