CVE-2016-8380

HIGH Year: 2016
CVSS v3 Score
7.3
High
CVSS v2 Score
7.5
High
Weakness Type
CWE-767
View all →

Vulnerability Description

The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication.

Related Vulnerabilities

CVE-2020-26868

HIGH
CVSS:7.5(High)

ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a denial-of-service attack due to the ability of an unauthorized user to modify information used to validate messages sent by legitimat...

CWE-7672020

CVE-2024-36463

MEDIUM
CVSS:6.5(Medium)

The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects.

CWE-7672024

CVE-2020-26868

HIGH
CVSS:7.5(High)

ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a denial-of-service attack due to the ability of an unauthorized user to modify information used to validate messages sent by legitimat...

CWE-7672020

CVE-2024-36463

MEDIUM
CVSS:6.5(Medium)

The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects.

CWE-7672024

CVE-2024-34162

MEDIUM
CVSS:5.3(Medium)

The web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP authentication to "SIMPLE", the device communicates with the LDAP...

CWE-7672024