CVE-2019-19096— ABB eSOMS: REDIS clear text credentials
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-19096
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ABB eSOMS: REDIS clear text credentials
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' confidentiality.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
以可恢复格式存储口令
Source: NVD (National Vulnerability Database)
Vulnerability Title
ABB eSOMS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ABB eSOMS(Electronic Shift Operations Management System)是瑞士ABB公司的一套工厂运营管理系统。 ABB eSOMS 6.0至6.0.2版本中的Redis数据结构组件存在安全漏洞,该漏洞源于程序将凭证存储为明文形式。攻击者可利用该漏洞影响凭证的保密性。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2019-19096
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-19096
请登录查看更多情报信息。
Same Patch Batch · ABB · 2020-04-02 · 13 CVEs total
| CVE-2019-19094 | 7.6 HIGH | ABB eSOMS: SQL injection vulnerability |
| CVE-2019-19093 | 6.5 MEDIUM | ABB eSOMS: Password complexity issue |
| CVE-2019-19000 | 6.5 MEDIUM | eSOMS Cachecontrol (Pragma) HTTP Header |
| CVE-2019-19001 | 6.5 MEDIUM | eSOMS X-FrameOption |
| CVE-2019-19002 | 6.3 MEDIUM | ABB eSOMS X-XSS-Protection not enabled |
| CVE-2019-19089 | 6.1 MEDIUM | eSOMS: X-Content-Type-Options Header Missing |
| CVE-2019-19097 | 5.9 MEDIUM | ABB eSOMS: SSL medium strength Cipher Suites |
| CVE-2019-19095 | 5.4 MEDIUM | ABB eSOMS: Stored XSS vulnerability |
| CVE-2019-19003 | 5.3 MEDIUM | ABB eSOMS: HTTPOnly flag not set |
| CVE-2019-19091 | 4.3 MEDIUM | ABB eSOMS: HTTP response information leakage |
| CVE-2019-19090 | 3.5 LOW | ABB eSOMS: Secure Flag not set |
| CVE-2019-19092 | 3.5 LOW | ABB eSOMS: Viewstate without MAC Signature |
IV. Related Vulnerabilities
Same vendor: ABB
Same weakness: CWE-257
- CVE-2026-22574
Fortinet FortiSOAR PaaS和Fortinet FortiSOAR on-premise 安全漏洞 - CVE-2026-22576
Fortinet FortiSOAR PaaS和Fortinet FortiSOAR on-premise 安全漏洞 - CVE-2025-8095
Recoverable obfuscation using the OECH1 prefix encoding in O - CVE-2016-15058
Hirschmann HiLCOS Classic Platform Password Exposure via SNM - CVE-2026-22614
Eaton Easysoft 安全漏洞
V. Comments for CVE-2019-19096
No comments yet