Abb - Esoms CVE

Filtered by vendor Abb Subscribe

Filtered by product Esoms

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-19090	1 Abb	1 Esoms	2020-04-03	3.5 LOW	3.5 LOW
For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping.
CVE-2019-19092	1 Abb	1 Esoms	2020-04-03	3.5 LOW	3.5 LOW
ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC). Alterations to Viewstate might thus not be noticed.

Vulnerabilities (CVE)