CVE-2019-19096: ABB eSOMS: REDIS clear text credentials
First published: Thu Apr 02 2020(Updated: )
The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' confidentiality.
Credit: cybersecurity@ch.abb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hitachienergy Esoms | >=6.0<=6.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-19096?
CVE-2019-19096 is a vulnerability in the Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2.
What is the impact of CVE-2019-19096?
CVE-2019-19096 can potentially compromise the confidentiality of credentials stored in clear text.
How does CVE-2019-19096 occur?
CVE-2019-19096 occurs because the Redis data structure component in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text.
What is the severity of CVE-2019-19096?
CVE-2019-19096 has a severity keyword of 'medium' and a severity value of 6.1.
How can I fix CVE-2019-19096?
To fix CVE-2019-19096, update ABB eSOMS to a version higher than 6.0.2 where this vulnerability is fixed.
- collector/nvd-index
- agent/type
- agent/weakness
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/title
- agent/last-modified-date
- agent/author
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- vendor/hitachienergy
- canonical/hitachienergy esoms
- version/hitachienergy esoms/6.0
- version/hitachienergy esoms/6.0.2