| |
Vulnerability CVE-2019-19096
Published: 2020-04-02
| Description: |
The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' confidentiality. |
Type:
CWE-522 (Insufficiently Protected Credentials)
CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
3.6/10 |
4.9/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
None |
References: |
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
