Lucene search
+L

90 matches found

CNNVD
CNNVD
added 2021/05/18 12:0 a.m.7 views

Emerson Rosemount X-STREAM Gas Analyzer 跨站脚本漏洞

The Emerson Rosemount X-STREAM Gas Analyzer is an Emerson gas analyzer for industrial environments. The device supports up to five component gas analyzers and features NDIR/UV/VIS photometry, paramagnetic and electrochemical O2, thermal conductivity and humidity sensors. A cross-site scripting...

6.1CVSS5.2AI score0.00642EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/05/18 12:0 a.m.8 views

Emerson Rosemount X-STREAM Gas Analyzer 路径遍历漏洞

The Emerson Rosemount X-STREAM Gas Analyzer is an Emerson gas analyzer for industrial environments. The device supports up to five component gas analyzers and features NDIR/UV/VIS photometry, paramagnetic and electrochemical O2, thermal conductivity and humidity sensors. A path traversal...

7.5CVSS5.6AI score0.01397EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/05/18 12:0 a.m.4 views

Emerson Rosemount X-STREAM Gas Analyzer 代码问题漏洞

The Emerson Rosemount X-STREAM Gas Analyzer is an Emerson gas analyzer for industrial environments. The device supports up to five component gas analyzers and features NDIR/UV/VIS photometry, paramagnetic and electrochemical O2, thermal conductivity and humidity sensors. The Emerson Rosemount...

9.8CVSS6.2AI score0.01752EPSS
Exploits0References4
ICS
ICS
added 2021/01/21 12:0 a.m.65 views

WAGO M&M Software fdtCONTAINER (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: M&M Software GmbH, a subsidiary of WAGO Kontakttechnik Equipment: fdtCONTAINER Vulnerability: Deserialization of Untrusted Data 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

7.8CVSS7.5AI score0.0134EPSS
Exploits0References5
NVD
NVD
added 2020/12/21 6:15 p.m.31 views

CVE-2020-27254

Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, XEGK, XEFD, XEXF – all revisions, The affected products are vulnerable to improper authentication for accessing log and backup data, which could allow an attacker with a specially crafted URL to obtain access to sensitive information...

7.5CVSS7.6AI score0.01271EPSS
Exploits0References1
Prion
Prion
added 2020/12/21 6:15 p.m.13 views

Authentication flaw

Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, XEGK, XEFD, XEXF – all revisions, The affected products are vulnerable to improper authentication for accessing log and backup data, which could allow an attacker with a specially crafted URL to obtain access to sensitive information...

5CVSS7.5AI score0.01271EPSS
Exploits0References1
CVE
CVE
added 2020/12/21 5:4 p.m.55 views

CVE-2020-27254

The CVE-2020-27254 entry concerns Emerson Rosemount X-STREAM Gas Analyzer software (X-STREAM enhanced XEGP, XEGK, XEFD, XEXF – all revisions). Affected products are vulnerable to improper authentication (CWE-287), allowing an attacker who can craft a URL to access log/backup data and obtain sensi...

7.5CVSS7.5AI score0.01271EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/12/21 5:4 p.m.30 views

CVE-2020-27254

Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, XEGK, XEFD, XEXF – all revisions, The affected products are vulnerable to improper authentication for accessing log and backup data, which could allow an attacker with a specially crafted URL to obtain access to sensitive information...

7.6AI score0.01271EPSS
Exploits0References1
ICS
ICS
added 2020/12/17 12:0 a.m.27 views

Emerson Rosemount X-STREAM

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Emerson Equipment: Rosemount X-STREAM Gas Analyzer Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker through a...

7.5CVSS7.9AI score0.01271EPSS
Exploits0References5
ICS
ICS
added 2015/10/11 6:0 a.m.1083 views

Emerson HART DTM Vulnerability

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-008-01 Emerson HART DTM Vulnerability that was published January 8, 2015, on the NCCIC/ICS-CERT web site. Alexander Bolshev of Digital Security has identified an improper input vulnerability in the CodeWrights...

2.1CVSS6AI score0.00374EPSS
Exploits0References10
Rows per page
Query Builder