Lucene search
IcscertCVELIST:CVE-2021-42699HistoryNov 05, 2021 - 3:39 p.m.
CVE-2021-42699 AzeoTech DAQFactory
2021-11-0515:39:16
CWE-319
icscert
www.cve.org
3
cve-2021-42699
azeotech
daqfactory
http
cookie
transmission
vulnerability
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
AI Score
5.8
Confidence
High
EPSS
0.002
Percentile
53.3%
The affected product is vulnerable to cookie information being transmitted as cleartext over HTTP. An attacker can capture network traffic, obtain the user’s cookie and take over the account.
CNA Affected
[
{
"product": "DAQFactory",
"vendor": "AzeoTech",
"versions": [
{
"lessThanOrEqual": "New version",
"status": "affected",
"version": "All versions",
"versionType": "custom"
}
]
}
]Related
prion
prion
Code injection
2021-11-05 16:15:00
cve
cve
CVE-2021-42699
2021-11-05 16:15:07
nvd
nvd
CVE-2021-42699
2021-11-05 16:15:07
cnvd
cnvd
DAQFactory plaintext transmission vulnerability
2021-11-05 00:00:00
ics
ics
AzeoTech DAQFactory
2021-11-04 12:00:00
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
AI Score
5.8
Confidence
High
EPSS
0.002
Percentile
53.3%
Related for CVELIST:CVE-2021-42699