First published: Thu Apr 02 2020(Updated: )
For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application. An attacker might use this detail information to specifically craft the attack.
Credit: cybersecurity@ch.abb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Hitachienergy Esoms | >=4.0<=6.0.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this ABB eSOMS vulnerability is CVE-2019-19091.
The versions 4.0 to 6.0.3 of ABB eSOMS are affected by this vulnerability.
The severity of CVE-2019-19091 is medium with a CVSS score of 4.3.
An attacker can exploit this vulnerability by using the sensitive information contained in the HTTPS responses to craft a targeted attack.
You can find more information about this vulnerability at the following link: [ABB eSOMS Vulnerability Reference](https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch)