Multiple vunerabilities in ABB eSOMS
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 8 |
| CVE-ID | CVE-2019-19096 CVE-2019-19095 CVE-2019-19093 CVE-2019-19092 CVE-2019-19090 CVE-2019-19003 CVE-2019-19002 CVE-2019-19001 |
| CWE-ID | CWE-312 CWE-79 CWE-521 CWE-642 CWE-1004 CWE-644 CWE-1021 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
eSOMS Client/Desktop applications / Office applications |
| Vendor | ABB |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
1) Cleartext storage of sensitive information
EUVDB-ID: #VU26070
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-19096
CWE-ID:
CWE-312 - Cleartext Storage of Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to the Redis data structure component stores credentials in clear text. A local user can obtain credentials on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionseSOMS: 6.0 - 6.0.2
CPE2.3- cpe:2.3:a:abb:esoms:*:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:6.0.2:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/icsa-20-072-01
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Stored cross-site scripting
EUVDB-ID: #VU26069
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-19095
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionseSOMS: 4.0 - 6.0.2
CPE2.3- cpe:2.3:a:abb:esoms:*:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:6.0.2:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/icsa-20-072-01
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Weak password requirements
EUVDB-ID: #VU26067
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-19093
CWE-ID:
CWE-521 - Weak Password Requirements
Exploit availability: No
DescriptionThe vulnerability allows an attacker to perform brute-force attack and guess the password.
The vulnerability exists due to weak password requirements. An attacker can perform a brute-force attack and guess users' passwords.
MitigationInstall updates from vendor's website.
Vulnerable software versionseSOMS: 4.0 - 6.0.2
CPE2.3- cpe:2.3:a:abb:esoms:*:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:6.0.2:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/icsa-20-072-01
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) External Control of Critical State Data
EUVDB-ID: #VU26066
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-19092
CWE-ID:
CWE-642 - External Control of Critical State Data
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform some alternations in the target system.
The vulnerability exists due to the affected software uses ASP.NET Viewstate without Message Authentication Code (MAC). Alterations to Viewstate might thus not be noticed.
MitigationInstall updates from vendor's website.
Vulnerable software versionseSOMS: 4.0 - 6.0.2
CPE2.3- cpe:2.3:a:abb:esoms:*:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:6.0.2:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/icsa-20-072-01
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
EUVDB-ID: #VU26064
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-19090
CWE-ID: N/A
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information on the target system.
The vulnerability exists due to the affected software does not set the secure attribute on authorization tokens or session cookies. A remote authenticated attacker can intercept the transmission and obtain information from the cookie in clear text.
MitigationInstall updates from vendor's website.
Vulnerable software versionseSOMS: 4.0 - 6.0.2
CPE2.3- cpe:2.3:a:abb:esoms:*:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:6.0.2:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/icsa-20-072-01
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Sensitive Cookie Without 'HttpOnly' Flag
EUVDB-ID: #VU26062
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-19003
CWE-ID:
CWE-1004 - Sensitive Cookie Without 'HttpOnly' Flag
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to read the contents of a cookie and exfiltrate information obtained.
The vulnerability exists due to the "HTTPOnly" flag is not set. This can allow JavaScript to access the cookie contents, which in turn might enable cross-site scripting.
MitigationInstall updates from vendor's website.
Vulnerable software versionseSOMS: 4.0 - 6.0.2
CPE2.3- cpe:2.3:a:abb:esoms:*:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:6.0.2:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/icsa-20-072-01
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper Neutralization of HTTP Headers for Scripting Syntax
EUVDB-ID: #VU26061
Risk: Medium
CVSSv4.0: 1.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-19002
CWE-ID:
CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information on the target system.
The vulnerability exists due to the X-XSS-Protection HTTP response header is not set in responses from the web server. This can potentially allow browsers and proxies to cache sensitive information and might increase the risk of cross-site scripting attack. A remote authenticated attacker can gain access to sensitive information. MitigationInstall updates from vendor's website.
Vulnerable software versionseSOMS: 4.0 - 6.0.2
CPE2.3- cpe:2.3:a:abb:esoms:*:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:6.0.2:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/icsa-20-072-01
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper Restriction of Rendered UI Layers or Frames
EUVDB-ID: #VU26060
Risk: Medium
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-19001
CWE-ID:
CWE-1021 - Improper Restriction of Rendered UI Layers or Frames
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information on the target system.
The vulnerability exists due to the X-Frame-Options header is not configured in HTTP response. A remote attacker can perform a "ClickJacking" attack and frame parts of the application on a malicious website, revealing sensitive user information such as authentication credentials.
MitigationInstall updates from vendor's website.
Vulnerable software versionseSOMS: 4.0 - 6.0.2
CPE2.3- cpe:2.3:a:abb:esoms:*:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:abb:esoms:6.0.2:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/icsa-20-072-01
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
