CVE-2019-19090

Summary

For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping.

Affected Software

VendorProductVersion RangeStatus
ABBeSOMS4.0 to 6.0.2affected

Weaknesses

  • CWE-16: CWE-16 Configuration

ADP Enrichment

CVE Program Container

Additional References

References