CVE-2021-29397

EUVD-2021-16032
Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote local user to intercept users credentials transmitted in cleartext over HTTP.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 39%
Affected Products (NVD)
VendorProductVersion
globalnorthstarnorthstar_club_management
6.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://Ardent-Security.com
https://ardent-security.com/en/advisory/asa-2021-05/
https://Ardent-Security.com
https://ardent-security.com/en/advisory/asa-2021-05/