mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
62 lines
2.2 KiB
JSON
62 lines
2.2 KiB
JSON
{
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2021-27463",
|
|
"ASSIGNER": "ics-cert@hq.dhs.gov",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "n/a",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Emerson Rosemount X-STREAM Gas Analyzer",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "X-STREAM enhanced XEGP \u2013 all revisions, X-STREAM enhanced XEGK \u2013 all revisions, X-STREAM enhanced XEFD \u2013 all revisions, X-STREAM enhanced XEXF \u2013 all revisions"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "USE OF PERSISTENT COOKIES CONTAINING SENSITIVE INFORMATION CWE-539"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-138-01",
|
|
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-138-01"
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications utilize persistent cookies where the session cookie attribute is not properly invalidated, allowing an attacker to intercept the cookies and gain access to sensitive information."
|
|
}
|
|
]
|
|
}
|
|
} |