Skip to main content

Esoms

6 CVEs product

Monthly

CVE-2023-5516 MEDIUM This Month

Poorly constructed webap requests and URI components with special characters trigger unhandled errors and exceptions, disclosing information about the underlying technology and other sensitive. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Esoms
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-5515 MEDIUM This Month

The responses for web queries with certain parameters disclose internal path of resources. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Esoms
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-5514 MEDIUM This Month

The response messages received from the eSOMS report generation using certain parameter queries with full file path can be abused for enumerating the local file system structure. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Esoms
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2021-35527 HIGH This Week

Password autocomplete vulnerability in the web application password field of Hitachi ABB Power Grids eSOMS allows attacker to gain access to user credentials that are stored by the browser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Abb Information Disclosure Esoms
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-26845 HIGH This Week

Information Exposure vulnerability in Hitachi ABB Power Grids eSOMS allows unauthorized user to gain access to report data if the URL used to access the report is discovered. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Abb Information Disclosure Authentication Bypass Esoms
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2018-14805 CRITICAL Act Now

ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Abb Esoms
NVD
CVSS 3.0
9.8
EPSS
4.8%
EPSS 0% CVSS 5.3
MEDIUM This Month

Poorly constructed webap requests and URI components with special characters trigger unhandled errors and exceptions, disclosing information about the underlying technology and other sensitive. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Esoms
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

The responses for web queries with certain parameters disclose internal path of resources. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Esoms
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

The response messages received from the eSOMS report generation using certain parameter queries with full file path can be abused for enumerating the local file system structure. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Esoms
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Password autocomplete vulnerability in the web application password field of Hitachi ABB Power Grids eSOMS allows attacker to gain access to user credentials that are stored by the browser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Abb Information Disclosure Esoms
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Information Exposure vulnerability in Hitachi ABB Power Grids eSOMS allows unauthorized user to gain access to report data if the URL used to access the report is discovered. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Abb Information Disclosure Authentication Bypass +1
NVD
EPSS 5% CVSS 9.8
CRITICAL Act Now

ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Abb Esoms
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy