Lucene search
IcscertCVELIST:CVE-2021-42703HistoryNov 15, 2021 - 2:03 p.m.
CVE-2021-42703 AzeoTech DAQFactory
2021-11-1514:03:50
CWE-79
icscert
www.cve.org
6
azeotech daqfactory
vulnerability
hijacking cookies
malicious webpage
unintended actions
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
AI Score
6.4
Confidence
High
EPSS
0.002
Percentile
52.1%
This vulnerability could allow an attacker to send malicious Javascript code resulting in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser action.
CNA Affected
[
{
"product": "HMI Designer",
"vendor": "Advantech",
"versions": [
{
"lessThanOrEqual": "2.1.11.0",
"status": "affected",
"version": "All versions",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
Advantech WebAccess HMI Designer Cross-Site Scripting Vulnerability
2021-11-22 00:00:00
prion
prion
Deserialization of untrusted data
2021-11-15 15:15:00
cve
cve
CVE-2021-42703
2021-11-15 15:15:06
nvd
nvd
CVE-2021-42703
2021-11-15 15:15:06
ics
ics
Advantech WebAccess HMI Designer (Update A)
2021-11-10 12:00:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
AI Score
6.4
Confidence
High
EPSS
0.002
Percentile
52.1%
Related for CVELIST:CVE-2021-42703