CVE-2019-19000

Name of the Vulnerable Software and Affected Versions ABB eSOMS versions 4.0 through 6.0.3

Description The issue is related to the improper configuration of the Cache-Control and Pragma HTTP headers within the application response. This can potentially allow browsers and proxies to cache sensitive information, enabling a remote attacker to gain unauthorized access to protected information.

Recommendations For ABB eSOMS versions 4.0 through 6.0.3, consider reconfiguring the Cache-Control and Pragma HTTP headers to prevent caching of sensitive information. As a temporary workaround, restrict access to sensitive information until the issue is resolved.