5 matches found
CVE-2019-19089
For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header is missing in the HTTP response, potentially causing the response body to be interpreted and displayed as different content type other than declared. A possible attack scenario would be unauthorized code execution via text...
Unspecified Vulnerability in ABB eSOMS (CNVD-2020-19561)
ABB eSOMS is a plant operations management system from ABB Switzerland. ABB eSOMS contains a security vulnerability that originates from not setting a security flag in the HTTP response header, which can be exploited by an attacker to obtain cookie information...
ABB eSOMS Weak Password Vulnerability
ABB eSOMS is a plant operations management system from ABB Switzerland. ABB eSOMS suffers from a weak password vulnerability that can be exploited by attackers to obtain sensitive information...
ABB eSOMS Information Disclosure Vulnerability
ABB eSOMS is a plant operations management system from ABB Switzerland. An information disclosure vulnerability exists in ABB eSOMS, which can be exploited by attackers to conduct cross-site scripting attacks...
ABB eSOMS Identity Information Validation Error Vulnerability
ABB eSOMS is a plant operations management system from ABB Switzerland. ABB eSOMS suffers from an Identity Information Validation Error vulnerability that can be exploited by an attacker to make changes to Viewstate...