CVE-2021-27467

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected product’s web interface allows an attacker to route click or keystroke to another page provided by the attacker to gain unauthorized access to sensitive information.
References
Link Resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-138-01 Third Party Advisory US Government Resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-138-01 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:emerson:x-stream_enhanced_xegp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:emerson:x-stream_enhanced_xegp:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:emerson:x-stream_enhanced_xegk_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:emerson:x-stream_enhanced_xegk:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:emerson:x-stream_enhanced_xefd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:emerson:x-stream_enhanced_xefd:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:emerson:x-stream_enhanced_xexf_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:emerson:x-stream_enhanced_xexf:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:58

Type Values Removed Values Added
References () https://us-cert.cisa.gov/ics/advisories/icsa-21-138-01 - Third Party Advisory, US Government Resource () https://us-cert.cisa.gov/ics/advisories/icsa-21-138-01 - Third Party Advisory, US Government Resource

Information

Published : 2021-05-20 12:15

Updated : 2024-11-21 05:58


NVD link : CVE-2021-27467

Mitre link : CVE-2021-27467

CVE.ORG link : CVE-2021-27467


JSON object : View

Products Affected

emerson

  • x-stream_enhanced_xefd
  • x-stream_enhanced_xexf
  • x-stream_enhanced_xegk_firmware
  • x-stream_enhanced_xegp
  • x-stream_enhanced_xexf_firmware
  • x-stream_enhanced_xegp_firmware
  • x-stream_enhanced_xefd_firmware
  • x-stream_enhanced_xegk
CWE
CWE-1021

Improper Restriction of Rendered UI Layers or Frames