CVE-2019-19096

MEDIUM

ABB eSOMS <6.0.2 - Info Disclosure

Title source: llm

Description

The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' confidentiality.

References (1)

[Vendor Advisory] https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch

Scores

CVSS v3 6.1

EPSS 0.0005

EPSS Percentile 15.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Classification

CWE

CWE-522 CWE-257

Status published

Affected Products (1)

hitachienergy/esoms < 6.0.2

Timeline

Published Apr 02, 2020

Tracked Since Feb 18, 2026