CVE-2021-42699

EUVD-2021-29659
The affected product is vulnerable to cookie information being transmitted as cleartext over HTTP. An attacker can capture network traffic, obtain the user’s cookie and take over the account.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.7 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
icscertCNA
5.7 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
Affected Products (NVD)
VendorProductVersion
azeotechdaqfactory
𝑥
≤ 18.1
azeotechdaqfactory
18.1:build_2347
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://us-cert.cisa.gov/ics/advisories/icsa-21-308-02
https://us-cert.cisa.gov/ics/advisories/icsa-21-308-02