CVE-2019-19097

CWE-16CWE-3263 documents3 sources
Severity
7.5HIGH
EPSS
0.2%
top 64.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Hitachienergy EsomsABB Esoms
Timeline
PublishedApr 2
Latest updateMay 24

Description

ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection is enabled using such a cipher, an attacker might be able to eavesdrop and/or intercept the connection.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

NVDhitachienergy/esoms4.06.0.3
CVEListV5abb/esoms4.0 to 6.0.3

🔴Vulnerability Details

2
GHSA
GHSA-43hf-r4f6-553p: ABB eSOMS versions 42022-05-24
CVEList
ABB eSOMS: SSL medium strength Cipher Suites2020-04-02
CVE-2019-19097 (HIGH CVSS 7.5) | ABB eSOMS versions 4.0 to 6.0.3 acc | cvebase.io