CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-14516

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1860%
EPSS Percentile8.18th
Published2021年3月18日
Last Modified2024年11月21日

Vulnerability Description

In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly.

Affected Platforms (CPE)

📦
Rockwellautomation

Factorytalk Services Platform

= 6.10.00
📦
Rockwellautomation

Factorytalk Services Platform

= 6.11.00

References & Advisories

🔗 https://us-cert.cisa.gov/ics/advisories/icsa-21-054-01
🔗 https://us-cert.cisa.gov/ics/advisories/icsa-21-054-01

関連する脆弱性情報

CVE-2020-69679.8

In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, Factory...

CVE-2020-120338.8

In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate s...

CVE-2021-329608.5

Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vu...

CVE-2012-47137.8

Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR...