{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T17:21:19.250","vulnerabilities":[{"cve":{"id":"CVE-2022-46670","sourceIdentifier":"PSIRT@rockwellautomation.com","published":"2022-12-16T21:15:09.040","lastModified":"2024-11-21T07:30:52.580","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"\nRockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution.  The vulnerability is an unauthenticated stored cross-site scripting vulnerability in the embedded webserver. The payload is transferred to the controller over SNMP and is rendered on the homepage of the embedded website. \n\n"},{"lang":"es","value":"Un investigador de seguridad del Instituto de Tecnología de Georgia informó a Rockwell Automation de una vulnerabilidad que indica que los controladores MicroLogix 1100 y 1400 contienen una vulnerabilidad que puede brindarle a un atacante la capacidad de realizar la ejecución remota de código. La vulnerabilidad es de Cross-Site Scripting almacenado, no autenticada en el servidor web integrado. El payload se transfiere al controlador a través de SNMP y se representa en la página de inicio del sitio web integrado."}],"metrics":{"cvssMetricV31":[{"source":"PSIRT@rockwellautomation.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"PSIRT@rockwellautomation.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"11507EFF-5C53-4217-9257-21936118C032"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*","matchCriteriaId":"196EA0BE-FDF3-46BE-B3DA-5F49208C5D80"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DCE86CDF-12CC-4B02-942D-BF9134218F2B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:micrologix_1100:-:*:*:*:*:*:*:*","matchCriteriaId":"DA42C7F4-EEC1-44D2-BD46-237969FF6E1A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rockwellautomation:micrologix_1400-b_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"21.007","matchCriteriaId":"E6C4D215-CB09-4BEA-89A6-2BAACD461FBE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:micrologix_1400-b:-:*:*:*:*:*:*:*","matchCriteriaId":"3D01BD0A-CA96-4882-8523-EC4D522DA4AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rockwellautomation:micrologix_1400-c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"21.007","matchCriteriaId":"FD745E1D-10D9-4FD6-9F7C-63CB51F3C454"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:micrologix_1400-c:-:*:*:*:*:*:*:*","matchCriteriaId":"DC9A2DE5-E745-4F1B-931C-E11814A7D23A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rockwellautomation:micrologix_1400-a_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"7.000","matchCriteriaId":"2E2B3E77-CF64-4D7F-A849-5462CABB576D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:micrologix_1400-a:-:*:*:*:*:*:*:*","matchCriteriaId":"81AFED05-B927-4BF7-ABC5-5E3F7555593D"}]}]}],"references":[{"url":"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137679","source":"PSIRT@rockwellautomation.com","tags":["Vendor Advisory"]},{"url":"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137679","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}