PT-2021-7808 · Emerson · Emerson Rosemount X-Stream Gas Analyzer

Published

2021-05-18

Updated

2021-05-28

CVE-2021-27463

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Emerson Rosemount X-STREAM Gas Analyzer (affected versions not specified)

Description A vulnerability has been found in the Emerson Rosemount X-STREAM Gas Analyzer, where the affected applications utilize persistent cookies with the session cookie attribute not properly invalidated. This allows an attacker to intercept the cookies and gain access to sensitive information. The issue is related to the possibility of sending a session cookie file, which can enable a remote attacker to obtain unauthorized access to protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-539

Related Identifiers

BDU:2023-03014

CVE-2021-27463

Affected Products

Emerson Rosemount X-Stream Gas Analyzer

PT-2021-7808 · Emerson · Emerson Rosemount X-Stream Gas Analyzer

CVE-2021-27463

Weakness Enumeration

Related Identifiers

Affected Products

References · 7