Unrated severityNVD Advisory· Published Dec 18, 2019· Updated Aug 5, 2024
ABB PB610 HMISimulator does not check content-length of the HTTP request
CVE-2019-18995
Description
The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting.
Affected products
2<=2.8.0.424+ 1 more
- (no CPE)range: <=2.8.0.424
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- search.abb.com/library/Download.aspxmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.