PT-2015-3351 · Omron · Cx-One Cx-Programmer+2
Stephen Dunlap
·
Publicado
2015-10-01
·
Atualizado
2026-06-02
·
CVE-2015-0987
CVSS v3.1
10
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:H |
Name of the Vulnerable Software and Affected Versions
Omron CX-One CX-Programmer versions prior to 9.6
Omron CJ2M PLC devices versions prior to 2.1
Omron CJ2H PLC devices versions prior to 1.5
Description
The issue is related to the transmission of passwords in cleartext, which can be exploited by a remote attacker to obtain sensitive information by sniffing the network traffic during the authentication process. This can allow an attacker to intercept passwords, potentially leading to unauthorized access.
Recommendations
For Omron CX-One CX-Programmer versions prior to 9.6, update to version 9.6 or later to resolve the issue.
For Omron CJ2M PLC devices versions prior to 2.1, update to version 2.1 or later to resolve the issue.
For Omron CJ2H PLC devices versions prior to 1.5, update to version 1.5 or later to resolve the issue.
Correção
Information Disclosure
Cleartext Transmission of Sensitive Information
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Cj2H Plc
Cj2M Plc
Cx-One Cx-Programmer