CVE-2018-19016

CVE-2018-19016

Vendor Rockwell
Product Rockwell Automation EtherNet/IP Web Server Modules 1756-EWEB (includes 1756-EWEBK) Version 5.001 and earlier, and CompactLogix 1768-EWEB Version 2.005 and earlier.
Weakness CWE-20 · Input validation
Published March 27, 2019
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

Rockwell Automation EtherNet/IP Web Server Modules 1756-EWEB (includes 1756-EWEBK) Version 5.001 and earlier, and CompactLogix 1768-EWEB Version 2.005 and earlier. A remote attacker could send a crafted UDP packet to the SNMP service causing a denial-of-service condition to occur until the affected product is restarted.

Key dates

02Disclosure timeline

March 27, 2019 CVE published
August 5, 2024 Record updated