Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
eSOMS Cachecontrol (Pragma) HTTP Header
Vulnerability Description
For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
配置
Vulnerability Title
ABB eSOMS 信息泄露漏洞
Vulnerability Description
ABB eSOMS(Electronic Shift Operations Management System)是瑞士ABB公司的一套工厂运营管理系统。 ABB eSOMS 4.0至6.0.3版本中存在安全漏洞,该漏洞源于来自Web服务器的响应并没有设置X-XSS-Protection HTTP响应头并且一些老版本的浏览器并不支持内容安全策略。攻击者可利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A