CVE-2022-2179 - OpenCVE

The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Rockwellautomation	Micrologix 1100 Micrologix 1100 Firmware Micrologix 1400 Micrologix 1400 Firmware

Configuration 1 [-]

AND

cpe:2.3:h:rockwellautomation:micrologix_1100:-:*:*:*:*:*:*:*

cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*

cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994
https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2022-07-20T15:36:33.007367Z

Updated: 2024-09-16T16:52:42.154Z

Reserved: 2022-06-22T00:00:00

Link: CVE-2022-2179

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-07-20T16:15:09.030

Modified: 2022-07-27T21:45:52.333

Link: CVE-2022-2179

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "MicroLogix 1400", "vendor": "Rockwell Automation", "versions": [{"lessThanOrEqual": "21.007", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "MicroLogix 1100", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "All versions"}]}], "credits": [{"lang": "en", "value": "Pawan V. Sable and Pranita Binnar from Veermata Jijabai Technological Institute (VJTI) reported this vulnerability to Rockwell Automation."}], "datePublic": "2022-07-19T00:00:00", "descriptions": [{"lang": "en", "value": "The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1021", "description": "CWE-1021", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-07-20T15:36:32", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994"}], "source": {"discovery": "EXTERNAL"}, "title": "ICSA-22-188-01 Rockwell Automation MicroLogix Improper Restriction of Rendered UI Layers or Frames", "workarounds": [{"lang": "en", "value": "Rockwell Automation encourages those using the affected software to implement the mitigations below to minimize risk. Additionally, Rockwell Automation encourages users to combine risk mitigations with security best practices (also provided below) to deploy a defense-in-depth strategy.\n\n Disable the web server where possible (this component is an optional feature and disabling it will not disrupt the intended use of the device).\n Configure firewalls to disallow network communication through HTTP/Port 80\n\nIf applying the mitigations noted above are not possible, please see Rockwell Automation\u2019s Knowledgebase article QA43240 Security Best Practices.\n\nFor more information, please see the industrial security advisory from Rockwell Automation."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "DATE_PUBLIC": "2022-07-19T20:09:00.000Z", "ID": "CVE-2022-2179", "STATE": "PUBLIC", "TITLE": "ICSA-22-188-01 Rockwell Automation MicroLogix Improper Restriction of Rendered UI Layers or Frames"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "MicroLogix 1400", "version": {"version_data": [{"version_affected": "<=", "version_value": "21.007"}]}}, {"product_name": "MicroLogix 1100", "version": {"version_data": [{"version_affected": "=", "version_value": "All versions"}]}}]}, "vendor_name": "Rockwell Automation"}]}}, "credit": [{"lang": "eng", "value": "Pawan V. Sable and Pranita Binnar from Veermata Jijabai Technological Institute (VJTI) reported this vulnerability to Rockwell Automation."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-1021"}]}]}, "references": {"reference_data": [{"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01", "refsource": "CONFIRM", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01"}, {"name": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994", "refsource": "CONFIRM", "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994"}]}, "source": {"discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "Rockwell Automation encourages those using the affected software to implement the mitigations below to minimize risk. Additionally, Rockwell Automation encourages users to combine risk mitigations with security best practices (also provided below) to deploy a defense-in-depth strategy.\n\n Disable the web server where possible (this component is an optional feature and disabling it will not disrupt the intended use of the device).\n Configure firewalls to disallow network communication through HTTP/Port 80\n\nIf applying the mitigations noted above are not possible, please see Rockwell Automation\u2019s Knowledgebase article QA43240 Security Best Practices.\n\nFor more information, please see the industrial security advisory from Rockwell Automation."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:32:07.933Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2022-2179", "datePublished": "2022-07-20T15:36:33.007367Z", "dateReserved": "2022-06-22T00:00:00", "dateUpdated": "2024-09-16T16:52:42.154Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:micrologix_1100:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA42C7F4-EEC1-44D2-BD46-237969FF6E1A", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5252A0C-A923-4BA0-A857-9BF21F8BF79B", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*", "matchCriteriaId": "196EA0BE-FDF3-46BE-B3DA-5F49208C5D80", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A358F0EC-45CC-4BF4-8DF0-DD43556D1BE6", "versionEndIncluding": "21.007", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks."}, {"lang": "es", "value": "El encabezado X-Frame-Options en Rockwell Automation MicroLogix 1100/1400 Versiones 21.007 y anteriores, no est\u00e1 configurado en la respuesta HTTP, lo que podr\u00eda permitir ataques de clickjacking"}], "id": "CVE-2022-2179", "lastModified": "2022-07-27T21:45:52.333", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2022-07-20T16:15:09.030", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135994"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1021"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-1021"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}