What is CVE-2019-19002?

CVE-2019-19002 is a medium-severity vulnerability in Abb Esoms, classified under CWE-16. CVSS score: 6.3/10. Published 2020-04-02.

How severe is CVE-2019-19002?

Medium severity. CVSS v3 base score is 6.3 out of 10.

XSS in Abb Esoms

CVE-2019-19002

For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP response header is not set in responses from the web server. For older web browser not supporting Content Security Policy, this might increase the risk of Cross Site Scripting.

EPSS: 0.003 (51.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N.

Affected products

Abb Esoms — versions 4.0 to 6.0.2

Weakness classification (CWE)

CWE-16
CWE-79 — Cross-site Scripting

References

search.abb.com/library/Download.aspx (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2019-19002?: CVE-2019-19002 is a medium-severity vulnerability in Abb Esoms, classified under CWE-16. CVSS score: 6.3/10. Published 2020-04-02.
How severe is CVE-2019-19002?: Medium severity. CVSS v3 base score is 6.3 out of 10.