CVE-2021-27467

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected product’s web interface allows an attacker to route click or keystroke to another page provided by the attacker to gain unauthorized access to sensitive information.
References
Link Resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-138-01 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:emerson:x-stream_enhanced_xegp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:emerson:x-stream_enhanced_xegp:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:emerson:x-stream_enhanced_xegk_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:emerson:x-stream_enhanced_xegk:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:emerson:x-stream_enhanced_xefd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:emerson:x-stream_enhanced_xefd:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:emerson:x-stream_enhanced_xexf_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:emerson:x-stream_enhanced_xexf:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-05-20 12:15

Updated : 2024-02-28 18:28


NVD link : CVE-2021-27467

Mitre link : CVE-2021-27467

CVE.ORG link : CVE-2021-27467


JSON object : View

Products Affected

emerson

  • x-stream_enhanced_xegk_firmware
  • x-stream_enhanced_xegk
  • x-stream_enhanced_xexf
  • x-stream_enhanced_xefd
  • x-stream_enhanced_xefd_firmware
  • x-stream_enhanced_xegp_firmware
  • x-stream_enhanced_xexf_firmware
  • x-stream_enhanced_xegp
CWE
CWE-1021

Improper Restriction of Rendered UI Layers or Frames