CVE-2019-19096

CWE-257CWE-522Insufficiently Protected Credentials3 documents3 sources
Severity
6.1MEDIUM
EPSS
0.1%
top 84.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Hitachienergy EsomsABB Esoms
Timeline
PublishedApr 2
Latest updateMay 24

Description

The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' confidentiality.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:NExploitability: 1.8 | Impact: 4.2

Affected Packages2 packages

NVDhitachienergy/esoms6.06.0.2
CVEListV5abb/esoms6.0 to 6.0.2

🔴Vulnerability Details

2
GHSA
GHSA-m826-r7fq-85qc: The Redis data structure component used in ABB eSOMS versions 62022-05-24
CVEList
ABB eSOMS: REDIS clear text credentials2020-04-02
CVE-2019-19096 (MEDIUM CVSS 6.1) | The Redis data structure component | cvebase.io