CVE-2019-19091

Name of the Vulnerable Software and Affected Versions ABB eSOMS versions 4.0 to 6.0.3

Description The issue is related to errors in processing requests, which can allow a remote attacker to disclose protected information. Specifically, HTTPS responses contain comments with sensitive information about the application, which an attacker might use to craft a targeted attack.

Recommendations For ABB eSOMS versions 4.0 to 6.0.3, consider restricting access to sensitive information in HTTPS responses as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.