VYPR
Unrated severityNVD Advisory· Published Apr 2, 2020· Updated Aug 5, 2024

ABB eSOMS: Secure Flag not set

CVE-2019-19090

Description

For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping.

Affected products

2
  • Hitachi/eSOMSllm-fuzzy
    Range: >=4.0, <=6.0.2
  • ABB/eSOMSv5
    Range: 4.0 to 6.0.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.