PT-2015-2586 · Rockwell Automation · Micrologix 1100+1

Ilya Karpov · Published 2015-10-28 · Updated 2015-10-28 · CVE-2015-6486

CVSS v2.0: 6.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions

Micrologix 1100 versions before B FRN 15.000
Micrologix 1400 versions before B FRN 15.003

Description

The issue is related to a lack of protection against attacks on SQL query structure. Exploitation of this issue may allow a remote attacker to execute arbitrary SQL commands, potentially leading to the creation or deletion of accounts, or the elevation of privileges of existing accounts.

Recommendations

For Micrologix 1100 versions before B FRN 15.000, update to version B FRN 15.000 or later. For Micrologix 1400 versions before B FRN 15.003, update to version B FRN 15.003 or later. As a temporary workaround, consider restricting access to the SQL query functionality to minimize the risk of exploitation.

Fix

SQL injection


Weakness Enumeration

Related Identifiers

BDU:2015-11951
BDU:2016-01724
CVE-2015-6486

Affected Products

Micrologix 1100
Micrologix 1400