Missing X-Frame-Options Header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and Prior: Clickjacking Vulnerability

Missing X-Frame-Options Header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and Prior: Clickjacking Vulnerability

CVE-2022-2179 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks.

Learn more about our Web Application Penetration Testing UK.