Improper Configuration of Cache-Control and Pragma Headers in ABB eSOMS 4.0 to 6.0.3

Improper Configuration of Cache-Control and Pragma Headers in ABB eSOMS 4.0 to 6.0.3

CVE-2019-19000 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information.

Learn more about our Web Application Penetration Testing UK.