CVE-2021-29397

Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote local user to intercept users credentials transmitted in cleartext over HTTP.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 40%
VendorProductVersion
globalnorthstarnorthstar_club_management
6.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://Ardent-Security.com
https://ardent-security.com/en/advisory/asa-2021-05/
https://Ardent-Security.com
https://ardent-security.com/en/advisory/asa-2021-05/