PT-2017-17990 · Rockwell Automation · Panelview Plus 6

Published

2017-06-14

Updated

2019-10-09

CVE-2017-7914

CVSS v3.1

8.6

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions Rockwell Automation PanelView Plus 6 versions 6.00.04 through 8.00-20141023

Description A Missing Authorization issue allows an attacker to gain remote access to the device due to the lack of an authorization check when connecting.

Recommendations For versions 6.00.04 through 8.00-20141023, consider implementing additional authorization checks to restrict remote access until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-882CWE-862

Related Identifiers

CVE-2017-7914

Affected Products

Panelview Plus 6

PT-2017-17990 · Rockwell Automation · Panelview Plus 6

CVE-2017-7914

Weakness Enumeration

Related Identifiers

Affected Products

References · 3