VAR-202105-0684
Vulnerability from variot - Updated: 2023-12-18 10:53A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications utilize persistent cookies where the session cookie attribute is not properly invalidated, allowing an attacker to intercept the cookies and gain access to sensitive information. Rosemount X-STREAM The following multiple vulnerabilities exist in. * Inadequate encryption strength (CWE-326) - CVE-2021-27457 ‥ * Unlimited upload of dangerous types of files (CWE-434) - CVE-2021-27459 ‥ * Past traversal (CWE-22) - CVE-2021-27461 ‥ * Contains sensitive information Cookie Permanent use of (CWE-539) - CVE-2021-27463 ‥ * Cross-site scripting (CWE-79) - CVE-2021-27465 ‥ * Inappropriate restrictions on rendered user interface layers or frames (CWE-1021) - CVE-2021-27467The expected impact depends on each vulnerability, but it may be affected as follows. * Credentials obtained by a remote third party - CVE-2021-27457 ‥ * Arbitrary code executed by a remote third party - CVE-2021-27459 ‥ * By a remote third party Web Access to sensitive data stored on the server - CVE-2021-27461 ‥ * By a remote third party Cookie Get sensitive information stored in - CVE-2021-27463 ‥ * By a remote third party Web Page tampered with displaying incorrect or unintended data - CVE-2021-27465 ‥ * A remote third party transfers the clicks and keystrokes made by the user to another page to obtain sensitive information. - CVE-2021-27467. The device supports gas analyzers of up to five components, with NDIR/UV/VIS photometer, paramagnetic and electrochemical O2, thermal conductivity and humidity sensors and other functions. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-0684",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "x-stream enhanced xefd",
"scope": "eq",
"trust": 1.0,
"vendor": "emerson",
"version": "*"
},
{
"model": "x-stream enhanced xegk",
"scope": "eq",
"trust": 1.0,
"vendor": "emerson",
"version": "*"
},
{
"model": "x-stream enhanced xexf",
"scope": "eq",
"trust": 1.0,
"vendor": "emerson",
"version": "*"
},
{
"model": "x-stream enhanced xegp",
"scope": "eq",
"trust": 1.0,
"vendor": "emerson",
"version": "*"
},
{
"model": "rosemount x-stream",
"scope": null,
"trust": 0.8,
"vendor": "\u30a8\u30de\u30bd\u30f3",
"version": null
},
{
"model": "rosemount x-stream",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30a8\u30de\u30bd\u30f3",
"version": null
},
{
"model": "rosemount x-stream",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30a8\u30de\u30bd\u30f3",
"version": "enhanced xegp"
},
{
"model": "rosemount x-stream",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30a8\u30de\u30bd\u30f3",
"version": "enhanced xegk"
},
{
"model": "rosemount x-stream",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30a8\u30de\u30bd\u30f3",
"version": "enhanced xefd"
},
{
"model": "rosemount x-stream",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30a8\u30de\u30bd\u30f3",
"version": "enhanced xexf"
},
{
"model": "x-stream enhanced xegp",
"scope": null,
"trust": 0.6,
"vendor": "emerson",
"version": null
},
{
"model": "x-stream enhanced xegk",
"scope": null,
"trust": 0.6,
"vendor": "emerson",
"version": null
},
{
"model": "x-stream enhanced xefd",
"scope": null,
"trust": 0.6,
"vendor": "emerson",
"version": null
},
{
"model": "x-stream enhanced xexf",
"scope": null,
"trust": 0.6,
"vendor": "emerson",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-37941"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001505"
},
{
"db": "NVD",
"id": "CVE-2021-27463"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:emerson:x-stream_enhanced_xegp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:emerson:x-stream_enhanced_xegp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:emerson:x-stream_enhanced_xegk_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:emerson:x-stream_enhanced_xegk:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:emerson:x-stream_enhanced_xefd_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:emerson:x-stream_enhanced_xefd:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:emerson:x-stream_enhanced_xexf_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:emerson:x-stream_enhanced_xexf:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27463"
}
]
},
"cve": "CVE-2021-27463",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-37941",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2021-001505",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-27463",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2021-001505",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-37941",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-1235",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-37941"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001505"
},
{
"db": "NVD",
"id": "CVE-2021-27463"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1235"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications utilize persistent cookies where the session cookie attribute is not properly invalidated, allowing an attacker to intercept the cookies and gain access to sensitive information. Rosemount X-STREAM The following multiple vulnerabilities exist in. * Inadequate encryption strength (CWE-326) - CVE-2021-27457 \u2025 * Unlimited upload of dangerous types of files (CWE-434) - CVE-2021-27459 \u2025 * Past traversal (CWE-22) - CVE-2021-27461 \u2025 * Contains sensitive information Cookie Permanent use of (CWE-539) - CVE-2021-27463 \u2025 * Cross-site scripting (CWE-79) - CVE-2021-27465 \u2025 * Inappropriate restrictions on rendered user interface layers or frames (CWE-1021) - CVE-2021-27467The expected impact depends on each vulnerability, but it may be affected as follows. * Credentials obtained by a remote third party - CVE-2021-27457 \u2025 * Arbitrary code executed by a remote third party - CVE-2021-27459 \u2025 * By a remote third party Web Access to sensitive data stored on the server - CVE-2021-27461 \u2025 * By a remote third party Cookie Get sensitive information stored in - CVE-2021-27463 \u2025 * By a remote third party Web Page tampered with displaying incorrect or unintended data - CVE-2021-27465 \u2025 * A remote third party transfers the clicks and keystrokes made by the user to another page to obtain sensitive information. - CVE-2021-27467. The device supports gas analyzers of up to five components, with NDIR/UV/VIS photometer, paramagnetic and electrochemical O2, thermal conductivity and humidity sensors and other functions. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27463"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001505"
},
{
"db": "CNVD",
"id": "CNVD-2021-37941"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULMON",
"id": "CVE-2021-27463"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-27463",
"trust": 3.1
},
{
"db": "ICS CERT",
"id": "ICSA-21-138-01",
"trust": 2.5
},
{
"db": "JVN",
"id": "JVNVU97128016",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001505",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-37941",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021051909",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1779",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1235",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-27463",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-37941"
},
{
"db": "VULMON",
"id": "CVE-2021-27463"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001505"
},
{
"db": "NVD",
"id": "CVE-2021-27463"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1235"
}
]
},
"id": "VAR-202105-0684",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-37941"
}
],
"trust": 1.1654762
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-37941"
}
]
},
"last_update_date": "2023-12-18T10:53:49.165000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "EmersonCyber\u00a0Security\u00a0NotificationAlert\u00a0EMR.RMT20006-2",
"trust": 0.8,
"url": "https://www.emerson.com/documents/automation/security-notification-rosemount-x-stream-continuous-gas-analyzers-cyber-security-notification-en-7238500.pdf"
},
{
"title": "Patch for Emerson Rosemount X-STREAM Gas Analyzer has unspecified vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/269051"
},
{
"title": "Emerson Rosemount X-STREAM Gas Analyzer Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=152362"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-37941"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001505"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1235"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-539",
"trust": 1.0
},
{
"problemtype": "Inappropriate restrictions on rendered user interface layers or frames (CWE-1021) [IPA Evaluation ]",
"trust": 0.8
},
{
"problemtype": " Path traversal (CWE-22) [IPA Evaluation ]",
"trust": 0.8
},
{
"problemtype": " Inadequate encryption strength (CWE-326) [IPA Evaluation ]",
"trust": 0.8
},
{
"problemtype": " Unlimited upload of dangerous types of files (CWE-434) [IPA Evaluation ]",
"trust": 0.8
},
{
"problemtype": " Permanent with important information Cookie Use of (CWE-539) [IPA Evaluation ]",
"trust": 0.8
},
{
"problemtype": " Cross-site scripting (CWE-79) [IPA Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-001505"
},
{
"db": "NVD",
"id": "CVE-2021-27463"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-138-01"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu97128016"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27463"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021051909"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1779"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-37941"
},
{
"db": "VULMON",
"id": "CVE-2021-27463"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001505"
},
{
"db": "NVD",
"id": "CVE-2021-27463"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1235"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-37941"
},
{
"db": "VULMON",
"id": "CVE-2021-27463"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001505"
},
{
"db": "NVD",
"id": "CVE-2021-27463"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1235"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-37941"
},
{
"date": "2021-05-20T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27463"
},
{
"date": "2021-05-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-001505"
},
{
"date": "2021-05-20T12:15:08.197000",
"db": "NVD",
"id": "CVE-2021-27463"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1235"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-37941"
},
{
"date": "2021-05-20T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27463"
},
{
"date": "2021-05-24T06:08:00",
"db": "JVNDB",
"id": "JVNDB-2021-001505"
},
{
"date": "2021-05-28T14:49:59.013000",
"db": "NVD",
"id": "CVE-2021-27463"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-05-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1235"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1235"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Emerson\u00a0 Made \u00a0Rosemount\u00a0X-STREAM\u00a0 Multiple vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-001505"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1235"
}
],
"trust": 1.2
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…