PT-2020-1843 · Abb · Abb Esoms

Published 2020-02-17 · Updated 2023-05-16 · CVE-2019-19094

CVSS v2.0: 9.0 High
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: ABB eSOMS versions 3.9 to 6.0.3

Description: The issue is related to a lack of input checks for SQL queries, which might allow an attacker to perform SQL injection attacks against the backend database. This could potentially be exploited by a remote attacker to execute arbitrary SQL queries on the vulnerable application's database.

Recommendations: For ABB eSOMS versions 3.9 to 6.0.3, consider implementing input validation and sanitization for SQL queries to prevent SQL injection attacks. As a temporary workaround, restrict access to the backend database to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection

Weakness Enumeration

Related Identifiers

BDU:2020-01117
CVE-2019-19094

Affected Products

Abb Esoms