The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting.
References
Link | Resource |
---|---|
http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466&LanguageCode=en&DocumentPartId=&Action=Launch | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ABB
Published: 2019-12-18T20:19:34
Updated: 2019-12-18T20:19:34
Reserved: 2019-11-15T00:00:00
Link: CVE-2019-18995
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-12-18T21:15:13.397
Modified: 2019-12-31T16:36:07.567
Link: CVE-2019-18995
JSON object: View
Redhat Information
No data.
CWE