7.5
CVE-2019-19097
- EPSS 0.68%
- Veröffentlicht 02.04.2020 20:15:15
- Zuletzt bearbeitet 21.11.2024 04:34:11
- Quelle cybersecurity@ch.abb.com
- CVE-Watchlists
- Unerledigt
ABB eSOMS: SSL medium strength Cipher Suites
ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection is enabled using such a cipher, an attacker might be able to eavesdrop and/or intercept the connection.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hitachienergy ≫ Esoms Version >= 4.0 <= 6.0.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.68% | 0.474 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
| cybersecurity@ch.abb.com | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-326 Inadequate Encryption Strength
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch