{"api_version":"1","generated_at":"2026-04-23T07:56:16+00:00","cve":"CVE-2019-19096","urls":{"html":"https://cve.report/CVE-2019-19096","api":"https://cve.report/api/cve/CVE-2019-19096.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-19096","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-19096"},"summary":{"title":"CVE-2019-19096","description":"The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' confidentiality.","state":"PUBLIC","assigner":"cybersecurity@ch.abb.com","published_at":"2020-04-02 20:15:00","updated_at":"2023-05-16 20:21:00"},"problem_types":["CWE-522"],"metrics":[],"references":[{"url":"https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch","name":"https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"","mime":"application/pdf","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-19096","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19096","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2019","cve_id":"19096","vulnerable":"1","versionEndIncluding":"6.0.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"abb","cpe5":"esoms","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"19096","vulnerable":"1","versionEndIncluding":"6.0.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hitachienergy","cpe5":"esoms","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cybersecurity@ch.abb.com","ID":"CVE-2019-19096","STATE":"PUBLIC","TITLE":"ABB eSOMS: REDIS clear text credentials"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"ABB","product":{"product_data":[{"product_name":"eSOMS","version":{"version_data":[{"version_value":"6.0 to 6.0.2"}]}}]}}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' confidentiality."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":6.1,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-257 Storing Passwords in a Recoverable Format"}]}]},"references":{"reference_data":[{"refsource":"CONFIRM","name":"https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch","url":"https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch"}]},"source":{"discovery":"EXTERNAL"}},"nvd":{"publishedDate":"2020-04-02 20:15:00","lastModifiedDate":"2023-05-16 20:21:00","problem_types":["CWE-522"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":6.1,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":4.2},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:N","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE","baseScore":3.6},"severity":"LOW","exploitabilityScore":3.9,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:hitachienergy:esoms:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndIncluding":"6.0.2","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"19096","Ordinal":"160663","Title":"CVE-2019-19096","CVE":"CVE-2019-19096","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"19096","Ordinal":"1","NoteData":"The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' confidentiality.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"19096","Ordinal":"2","NoteData":"2020-04-02","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"19096","Ordinal":"3","NoteData":"2020-04-02","Type":"Other","Title":"Modified"}]}}}