admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-274xx/CVE-2021-27463.json
cad-safe-bot 5fc0b01395 Auto-Update: 2024-12-15T03:00:19.262894+00:00
2024-12-15 03:03:56 +00:00

207 lines
5.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-27463",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2021-05-20T12:15:08.197",
"lastModified": "2024-11-21T05:58:02.533",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications utilize persistent cookies where the session cookie attribute is not properly invalidated, allowing an attacker to intercept the cookies and gain access to sensitive information."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en m\u00faltiples revisiones del programa Emerson Rosemount X-STREAM Gas Analyzer. Las aplicaciones afectadas usan cookies persistentes donde el atributo de cookie de sesi\u00f3n no est\u00e1 apropiadamente invalidada, permitiendo a un atacante interceptar las cookies y conseguir acceso a informaci\u00f3n confidencial"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-539"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:x-stream_enhanced_xegp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5270378D-26DB-440F-B367-3DD5448AE617"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:x-stream_enhanced_xegp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F281FEE8-4070-438F-992E-2CDA93FB1F1A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:x-stream_enhanced_xegk_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D80C8438-3710-4601-A50B-20C935E45ECD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:x-stream_enhanced_xegk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3447F879-FEB9-4FBE-97A9-42C7089B2641"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:x-stream_enhanced_xefd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5D8DF7-B1B5-43BA-A0D8-12918844454B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:x-stream_enhanced_xefd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33A8815B-A002-428F-95D1-A9BD87CC34A5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:x-stream_enhanced_xexf_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAACCF9F-2B01-4F80-BE90-69B4D432BCB1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:x-stream_enhanced_xexf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49291A79-646A-40B2-8524-00C37CC1BBF3"
}
]
}
]
}
],
"references": [
{
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-138-01",
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-138-01",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink