PT-2020-6875 · Abb · Abb Esoms

Published: 2020-02-17 · Updated: 2023-05-16 · CVE-2019-19096

CVSS v3.1: 6.1 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions

ABB eSOMS versions 6.0 through 6.0.2

Description

The Redis data structure component used in ABB eSOMS stores credentials in a recoverable format. An attacker with file system access can potentially gain unauthorized access to protected information, compromising the confidentiality of the credentials.

Recommendations

For ABB eSOMS versions 6.0 through 6.0.2, consider restricting access to the Redis data structure component to minimize the risk of exploitation. As a temporary workaround, limit file system access to authorized personnel only until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Cleartext Storage of Sensitive Information
Insufficiently Protected Credentials

Related Identifiers

BDU:2023-02924
CVE-2019-19096

Affected Products

Abb Esoms