3 matches found
CVE-2019-7226
The ABB IDAL HTTP server CGI interface contains a URL that allows an unauthenticated attacker to bypass authentication and gain access to privileged functions. Specifically, /cgi/loginDefaultUser creates a session in an authenticated state and returns the session ID along with what may be the...
CVE-2019-7226
The CVE-2019-7226 issue affects ABB IDAL HTTP server CGI interface in PB610 Panel Builder 600. The /cgi/loginDefaultUser endpoint allows an unauthenticated attacker to bypass authentication by creating an authenticated session and returning the session token along with the user credentials (usern...
ABB IDAL HTTP Server Authentication Bypass
XL-19-010 - ABB IDAL HTTP Server Authentication Bypass Vulnerability ======================================================================== Identifiers ----------- XL-19-010 CVE-2019-7226 ABBVU-IAMF-1902005 CVSS Score ---------- 8.8 AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected vendor...