{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T15:31:57.142","vulnerabilities":[{"cve":{"id":"CVE-2017-7899","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2017-06-30T03:29:00.733","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An Information Exposure issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version 16.00 and prior versions; and 1763-L16DWD, Series A and B, Version 16.00 and prior versions and Allen-Bradley MicroLogix 1400 programmable logic controllers 1766-L32AWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWAA, Series A and B, Version 16.00 and prior versions; 1766-L32BXB, Series A and B, Version 16.00 and prior versions; 1766-L32BXBA, Series A and B, Version 16.00 and prior versions; and 1766-L32AWAA, Series A and B, Version 16.00 and prior versions. User credentials are sent to the web server using the HTTP GET method, which may result in the credentials being logged. This could make user credentials available for unauthorized retrieval."},{"lang":"es","value":"Se detectó un problema de Exposición de Información en los controladores lógicos programables MicroLogix 1100 1763-L16AWA, Series A y B, versión 16.00 y anteriores; 1763-L16BBB, Serie A y B, versión 16.00 y anteriores; 1763-L16BWA, Serie A y B, versión 16.00 y anteriores; y 1763-L16DWD, Series A y B, versión 16.00 y anteriores de Allen-Bradley en Rockwell Automation y controladores lógicos programables MicroLogix 1400 1766-L32AWA, Series A y B, versión 16.00 y anteriores; 1766-L32BWA, Serie A y B, versión 16.00 y anteriores; 1766-L32BWAA, Serie A y B, versión 16.00 y anteriores; 1766-L32BXB, Serie A y B, versión 16.00 y anteriores; 1766-L32BXBA, Serie A y B, versión 16.00 y anteriores; y 1766-L32AWAA, Series A y B, versión 16.00 y anteriores de Allen-Bradley en Rockwell Automation. Las credenciales de usuario se envían al servidor web mediante el método GET HTTP, lo que puede resultar en que se registren las credenciales. Esto podría hacer que las credenciales de usuario estén disponibles para una recuperación no autorizada."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16awa_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"E44D0CCE-EDA7-4DF2-B67B-C59DFAE7F888"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16awa_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"58E4AB51-E136-4AA3-AFF9-50F240489856"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16bbb_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"6006CE1E-08EC-4AFC-8F35-73B24AA7F08D"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16bbb_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"F52398D3-996E-4291-887F-6B8E0AF24AFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16bwa_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"61603F24-7505-4A9E-BA9E-57C7B5A60A6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16bwa_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"9558148B-3000-4D83-9AB0-380D7FBB0C9A"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16dwd_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"C805AFD6-481C-4A32-9CE8-281F9B793263"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1763-l16dwd_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"DC9E1F42-4F17-4EA4-8D0F-30220F560A0E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:ab_micrologix_controller:1100:*:*:*:*:*:*:*","matchCriteriaId":"FA98842B-9D09-4C37-AB34-4E9FA566BAD8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32awa_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"8C8E3AF6-1017-4A18-99CA-854F1022ED66"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32awa_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"A093AA8B-7DB9-4373-AE8F-F8B879A4BE5E"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32awaa_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"25DA9309-964B-4C1C-8B95-9C1CD80DDC74"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32awaa_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"6D51D3F6-ABB3-4FFD-81D5-B3D3C29F0A46"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bwa_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"DC05C3A1-1042-46AD-83D8-765AF4C9BCD9"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bwa_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"6218A006-1F60-4E29-85CC-7D1BCBD7C734"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bwaa_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"6B863572-CECF-47DF-AF6F-C25F88200DBE"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bwaa_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"59BEBB0E-8C6E-4663-9E0C-E755C2EF0041"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bxb_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"1303D987-4A44-4F33-992E-0C7E683EC7A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bxb_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"1E7D8E09-D97D-45FF-9AD0-A9B0A846E600"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bxba_series_a:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"9D9C64FB-A613-4940-86E6-95431B907159"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:1766-l32bxba_series_b:*:*:*:*:*:*:*:*","versionEndIncluding":"16.000","matchCriteriaId":"B5C50D4A-EB32-4BE4-B9E6-D25494E2EF55"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:ab_micrologix_controller:1400:*:*:*:*:*:*:*","matchCriteriaId":"FFF2EF59-F451-490D-A7AF-E66D11493948"}]}]}],"references":[{"url":"http://www.securitytracker.com/id/1038546","source":"ics-cert@hq.dhs.gov"},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-115-04","source":"ics-cert@hq.dhs.gov","tags":["Patch","Third Party Advisory","US Government Resource"]},{"url":"http://www.securitytracker.com/id/1038546","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-115-04","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory","US Government Resource"]}]}}]}