Unauthenticated Viewstate Tampering Vulnerability in ABB eSOMS Versions 4.0 to 6.0.3
CVE-2019-19092 · LOW Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC). Alterations to Viewstate might thus not be noticed.
Learn more about our Web Application Penetration Testing UK.