PT-2021-7987 · Emerson · Emerson Rosemount X-Stream Gas Analyzer

Published

2021-05-18

Updated

2021-05-28

CVE-2021-27465

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Emerson Rosemount X-STREAM Gas Analyzer (affected versions not specified)

Description A vulnerability has been found in the Emerson Rosemount X-STREAM Gas Analyzer, where the affected applications do not validate webpage input. This could allow an attacker to inject arbitrary HTML code into a webpage, enabling them to modify the page and display incorrect or undesirable data. The issue is related to improper neutralization of input during webpage generation, which could be exploited by a remote attacker to inject arbitrary HTML code.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

BDU:2024-00855

CVE-2021-27465

Affected Products

Emerson Rosemount X-Stream Gas Analyzer

PT-2021-7987 · Emerson · Emerson Rosemount X-Stream Gas Analyzer

CVE-2021-27465

Weakness Enumeration

Related Identifiers

Affected Products

References · 5