CVE-2021-27457
20.05.2021, 12:15
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected products utilize a weak encryption algorithm for storage of sensitive data, which may allow an attacker to more easily obtain credentials used for access.Enginsight
| Vendor | Product | Version |
|---|---|---|
| emerson | x-stream_enhanced_xegp_firmware | * |
| emerson | x-stream_enhanced_xegk_firmware | * |
| emerson | x-stream_enhanced_xefd_firmware | * |
| emerson | x-stream_enhanced_xexf_firmware | * |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-326 - Inadequate Encryption StrengthThe software stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
- CWE-327 - Use of a Broken or Risky Cryptographic AlgorithmThe use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.