CVE-2019-19000: eSOMS Cachecontrol (Pragma) HTTP Header
First published: Thu Apr 02 2020(Updated: )
For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information.
Credit: cybersecurity@ch.abb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hitachienergy Esoms | >=4.0<=6.0.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for ABB eSOMS?
The vulnerability ID for ABB eSOMS is CVE-2019-19000.
What is the severity score of CVE-2019-19000?
The severity score of CVE-2019-19000 is 6.5 (medium).
What is the impact of CVE-2019-19000?
CVE-2019-19000 allows browsers and proxies to cache sensitive information.
How can I fix CVE-2019-19000?
To fix CVE-2019-19000, configure the Cache-Control and Pragma HTTP header(s) properly within the application response for ABB eSOMS 4.0 to 6.0.3.
Where can I find more information about CVE-2019-19000?
More information about CVE-2019-19000 can be found at: [link](https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch)
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/title
- agent/last-modified-date
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/hitachienergy
- canonical/hitachienergy esoms
- version/hitachienergy esoms/4.0
- version/hitachienergy esoms/6.0.3