Rockwell Automation/Allen-Bradley MicroLogix 1400 1766-L32xxx Series A < 7.000 / Series B <= 11.000 HTTP Remote DoS

High Nessus Network Monitor Plugin ID 7199


A MicroLogix 1400 programmable logic controller (PLC) has been detected which is vulnerable to a Denial of Service attack vector.


Rockwell Automation MicroLogix 1400 PLCs contain an unspecified flaw in the password mechanism that may allow a remote denial of service. The issue is only present when the HTTP server is enabled. This may allow a remote attacker to cause the program to crash.


Upgrade the firmware of MicroLogix 1400 1766-L32xxx Series A to 7.000 or Series B to 11.000.

See Also

Plugin Details

Severity: High

ID: 7199

File Name: 7199.pasl

Version: 1.0

Family: SCADA

Published: 2016/04/29

Modified: 2016/04/29

Risk Information

Risk Factor: High


Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/h:rockwellautomation:ab_micrologix_controller:1400

Patch Publication Date: 2011/05/19

Vulnerability Publication Date: 2011/05/19

Reference Information

OSVDB: 98239