Vulnerability Details CVE-2018-19016
Rockwell Automation EtherNet/IP Web Server Modules 1756-EWEB (includes 1756-EWEBK) Version 5.001 and earlier, and CompactLogix 1768-EWEB Version 2.005 and earlier. A remote attacker could send a crafted UDP packet to the SNMP service causing a denial-of-service condition to occur until the affected product is restarted.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.8
References
Products affected by CVE-2018-19016
-
cpe:2.3:a:rockwellautomation:ethernet/ip_web_server_module_1756-eweb:2.002
-
cpe:2.3:a:rockwellautomation:ethernet/ip_web_server_module_1756-eweb:3.001
-
cpe:2.3:a:rockwellautomation:ethernet/ip_web_server_module_1756-eweb:3.005
-
cpe:2.3:a:rockwellautomation:ethernet/ip_web_server_module_1756-eweb:3.006
-
cpe:2.3:a:rockwellautomation:ethernet/ip_web_server_module_1756-eweb:4.003
-
cpe:2.3:a:rockwellautomation:ethernet/ip_web_server_module_1756-eweb:4.006
-
cpe:2.3:a:rockwellautomation:ethernet/ip_web_server_module_1756-eweb:4.009
-
cpe:2.3:a:rockwellautomation:ethernet/ip_web_server_module_1756-eweb:4.010
-
cpe:2.3:a:rockwellautomation:ethernet/ip_web_server_module_1756-eweb:4.011
-
cpe:2.3:a:rockwellautomation:ethernet/ip_web_server_module_1756-eweb:4.012
-
cpe:2.3:a:rockwellautomation:ethernet/ip_web_server_module_1756-eweb:4.014
-
cpe:2.3:a:rockwellautomation:ethernet/ip_web_server_module_1756-eweb:4.016
-
cpe:2.3:a:rockwellautomation:ethernet/ip_web_server_module_1756-eweb:5.001
-
cpe:2.3:a:rockwellautomation:ethernet/ip_web_server_module_1768-eweb:-
-
cpe:2.3:a:rockwellautomation:ethernet/ip_web_server_module_1768-eweb:2.005