CVE-2019-19000
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ABB | eSOMS | 4 | affected |
| ABB | eSOMS | 5 | affected |
| ABB | eSOMS | 6.0.3 | affected |
Weaknesses
- CWE-16: CWE-16 Configuration
- CWE-202: CWE-202 Exposure of Sensitive Data Through Data Queries
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.