CVE-2021-27463
Summary
| CVE | CVE-2021-27463 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-05-20 12:15:00 UTC |
| Updated | 2021-05-28 14:49:00 UTC |
| Description | A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications utilize persistent cookies where the session cookie attribute is not properly invalidated, allowing an attacker to intercept the cookies and gain access to sensitive information. |
Risk And Classification
Problem Types: CWE-539
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Emerson | X-stream Enhanced Xefd | - | All | All | All |
| Operating System | Emerson | X-stream Enhanced Xefd Firmware | All | All | All | All |
| Hardware | Emerson | X-stream Enhanced Xegk | - | All | All | All |
| Operating System | Emerson | X-stream Enhanced Xegk Firmware | All | All | All | All |
| Hardware | Emerson | X-stream Enhanced Xegp | - | All | All | All |
| Operating System | Emerson | X-stream Enhanced Xegp Firmware | All | All | All | All |
| Hardware | Emerson | X-stream Enhanced Xexf | - | All | All | All |
| Operating System | Emerson | X-stream Enhanced Xexf Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Emerson Rosemount X-STREAM | CISA | MISC | us-cert.cisa.gov | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 591138 Emerson Rosemount X-STREAM Multiple Vulnerabilities (icsa-21-138-01)