CVE-2019-19000

Summary

For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information.

Affected Software

VendorProductVersion RangeStatus
ABBeSOMS4affected
ABBeSOMS5affected
ABBeSOMS6.0.3affected

Weaknesses

  • CWE-16: CWE-16 Configuration
  • CWE-202: CWE-202 Exposure of Sensitive Data Through Data Queries

ADP Enrichment

CVE Program Container

Additional References

References