ABB eSOMS: SQL injection vulnerability
CVE-2019-19094

7.6HIGH

Key Information:

Vendor: Abb
Status: Esoms
Vendor: CVE Published:; 2 April 2020

What is CVE-2019-19094?

Lack of input checks for SQL queries in ABB eSOMS versions 3.9 to 6.0.3 might allow an attacker SQL injection attacks against the backend database.

Affected Version(s)

eSOMS 3.9 to 6.0.3

References

https://search.abb.com/library/Download.aspx?DocumentID=9...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 2, 2020
Vulnerability Reserved
Nov 18, 2019

.