First published: Thu Mar 18 2021(Updated: )
In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Factorytalk Services Platform | =6.10.00 | |
Rockwellautomation Factorytalk Services Platform | =6.11.00 | |
Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-14516 is a vulnerability in Rockwell Automation FactoryTalk Services Platform versions 6.10.00 and 6.11.00.
CVE-2020-14516 affects the implementation of the SHA-256 hashing algorithm in FactoryTalk Services Platform, causing issues with password hashing.
CVE-2020-14516 is considered critical with a severity value of 10.
CVE-2020-14516 affects versions 6.10.00 and 6.11.00 of Rockwell Automation FactoryTalk Services Platform.
To fix CVE-2020-14516, it is recommended to update Rockwell Automation FactoryTalk Services Platform to a patched version provided by the vendor.