CVE-2019-19092: ABB eSOMS: Viewstate without MAC Signature
First published: Thu Apr 02 2020(Updated: )
ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC). Alterations to Viewstate might thus not be noticed.
Credit: cybersecurity@ch.abb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hitachienergy Esoms | >=4.0<=6.0.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this ABB eSOMS vulnerability?
The vulnerability ID for this ABB eSOMS vulnerability is CVE-2019-19092.
Which versions of ABB eSOMS are affected by this vulnerability?
Versions 4.0 to 6.0.3 of ABB eSOMS are affected by this vulnerability.
What is the severity of CVE-2019-19092?
The severity of CVE-2019-19092 is low, with a severity value of 3.5.
What is the impact of the vulnerability in ABB eSOMS?
The impact of this vulnerability in ABB eSOMS is that alterations to Viewstate might not be noticed.
How can I fix the CVE-2019-19092 vulnerability in ABB eSOMS?
To fix the CVE-2019-19092 vulnerability in ABB eSOMS, update to a version higher than 6.0.3.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/title
- agent/last-modified-date
- agent/author
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- vendor/hitachienergy
- canonical/hitachienergy esoms
- version/hitachienergy esoms/4.0
- version/hitachienergy esoms/6.0.3