Lucene search
China National Vulnerability DatabaseCNVD-2021-85893HistoryNov 05, 2021 - 12:00 a.m.
DAQFactory plaintext transmission vulnerability
2021-11-0500:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
daqfactory
plaintext transmission
vulnerability
http
network traffic
cookie
account takeover
EPSS
0.002
Percentile
53.3%
DAQFactory is a software and application development platform that provides a variety of tools that allow you to easily create HMI/SCADA applications. DAQFactory 18.1 Build 2347 and earlier versions are vulnerable to plaintext transmission. The vulnerability stems from the transmission of cookie information in plaintext over HTTP. An attacker could exploit the vulnerability by capturing network traffic to obtain a userβs cookie and take over an account.
Related
cve
cve
CVE-2021-42699
2021-11-05 16:15:07
nvd
nvd
CVE-2021-42699
2021-11-05 16:15:07
cvelist
cvelist
CVE-2021-42699 AzeoTech DAQFactory
2021-11-05 15:39:16
prion
prion
Code injection
2021-11-05 16:15:00
ics
ics
AzeoTech DAQFactory
2021-11-04 12:00:00