What is CVE-2019-19090?

CVE-2019-19090 is a low-severity vulnerability in Abb Esoms, classified under CWE-16. CVSS score: 3.5/10. Published 2020-04-02.

How severe is CVE-2019-19090?

Low severity. CVSS v3 base score is 3.5 out of 10.

Vulnerability in Abb Esoms

CVE-2019-19090

For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping.

EPSS: 0.002 (36.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.5 (Low). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N.

Affected products

Abb Esoms — versions 4.0 to 6.0.2

Weakness classification (CWE)

CWE-16

References

search.abb.com/library/Download.aspx (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2019-19090?: CVE-2019-19090 is a low-severity vulnerability in Abb Esoms, classified under CWE-16. CVSS score: 3.5/10. Published 2020-04-02.
How severe is CVE-2019-19090?: Low severity. CVSS v3 base score is 3.5 out of 10.