Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
516
VMScore

CVE-2019-7226

Published: 27/06/2019 Updated: 30/11/2022
CVSS v2 Base Score: 5.8 | Impact Score: 6.4 | Exploitability Score: 6.5
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 516
Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Abb

Vulnerability Summary

The ABB IDAL HTTP server CGI interface contains a URL that allows an unauthenticated malicious user to bypass authentication and gain access to privileged functions. Specifically, /cgi/loginDefaultUser creates a session in an authenticated state and returns the session ID along with what may be the username and cleartext password of the user. An attacker can then supply an IDALToken value in a cookie, which will allow them to perform privileged operations such as restarting the service with /cgi/restart. A GET request to /cgi/loginDefaultUser may result in "1 #S_OK IDALToken=532c8632b86694f0232a68a0897a145c admin admin" or a similar response.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

abb pb610_panel_builder_600_firmware

Exploits

Exploit DB: ABB IDAL HTTP Server Authentication Bypass
The IDAL HTTP server CGI interface contains a URL, which allows an unauthenticated attacker to bypass authentication and gain access to privileged functions In the IDAL CGI interface, there is a URL (/cgi/loginDefaultUser), which will create a session in an authenticated state and return the session ID along with the username and plaintext passwor ...

Mailing Lists

Full Disclosure: XL-19-010 - ABB IDAL HTTP Server Authentication Bypass Vulnerability
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> XL-19-010 - ABB IDAL HTTP Server Authentication Bypass Vulnerability <!--X-Subject-Header-End--> <!--X-Head-of-Message ...

References

CWE-287http://seclists.org/fulldisclosure/2019/Jun/39http://www.securityfocus.com/bid/108886http://packetstormsecurity.com/files/153402/ABB-IDAL-HTTP-Server-Authentication-Bypass.htmlhttps://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-authentication-bypass-vulnerability-xl-19-010/https://nvd.nist.govhttps://packetstormsecurity.com/files/153402/ABB-IDAL-HTTP-Server-Authentication-Bypass.html
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injectionCVE-2024-35894SQLCVE-2024-5105CVE-2014-100005CVE-2024-35895unauthorizedCVE-2024-22120CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook