Lucene search
+L

15 matches found

RedhatCVE
RedhatCVE
added 2026/03/27 2:25 p.m.8 views

CVE-2021-27463

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications utilize persistent cookies where the session cookie attribute is not properly invalidated, allowing an attacker to intercept the cookies and gain access to sensitive...

5.3CVSS6.9AI score0.009EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-14215

Malware in sbrugna...

7.5CVSS7.6AI score0.01397EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-19767

Malware in sbrugna...

7.5CVSS7.5AI score0.01271EPSS
Exploits0References2
CNVD
CNVD
added 2021/05/21 12:0 a.m.5 views

Unspecified Vulnerability in Emerson Rosemount X-STREAM Gas Analyzer (CNVD-2021-37939)

The Emerson Rosemount X-STREAM Gas Analyzer is an Emerson gas analyzer for industrial environments. The device supports up to five component gas analyzers and features NDIR/UV/VIS photometry, paramagnetic and electrochemical O2, thermal conductivity and humidity sensors. A security vulnerability...

6.1CVSS6.9AI score0.00699EPSS
Exploits0References1
NVD
NVD
added 2021/05/20 12:15 p.m.11 views

CVE-2021-27465

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications do not validate webpage input, which could allow an attacker to inject arbitrary HTML code into a webpage. This would allow an attacker to modify the page and display incorre...

6.1CVSS0.00642EPSS
Exploits0References1
NVD
NVD
added 2021/05/20 12:15 p.m.14 views

CVE-2021-27467

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected product’s web interface allows an attacker to route click or keystroke to another page provided by the attacker to gain unauthorized access to sensitive information...

6.1CVSS0.00699EPSS
Exploits0References1
Prion
Prion
added 2021/05/20 12:15 p.m.14 views

Information disclosure

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected product’s web interface allows an attacker to route click or keystroke to another page provided by the attacker to gain unauthorized access to sensitive information...

5.8CVSS7AI score0.00699EPSS
Exploits0References1
CVE
CVE
added 2021/05/20 11:51 a.m.45 views

CVE-2021-27461

CVE-2021-27461 is a path traversal vulnerability in Emerson Rosemount X-STREAM Gas Analyzer web servers. Affected products include X-STREAM enhanced XEGP, XEGK, XEFD, and XEXF (all revisions). The underlying issue allows an attacker to access stored data by crafting specific URLs, consistent with...

7.5CVSS7.4AI score0.01397EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/05/20 11:51 a.m.45 views

CVE-2021-27459

CVE-2021-27459 describes a vulnerability in Emerson Rosemount X-STREAM Gas Analyzer where the webserver allows unvalidated file uploads, enabling arbitrary code execution. This affects multiple revisions of the X-STREAM webserver components. Evidence from multiple sources (including ICSA-21-138-0...

9.8CVSS9.5AI score0.01752EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/05/20 11:51 a.m.19 views

CVE-2021-27457

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected products utilize a weak encryption algorithm for storage of sensitive data, which may allow an attacker to more easily obtain credentials used for access...

7.7AI score0.00452EPSS
Exploits0References1
CVE
CVE
added 2021/05/20 11:51 a.m.48 views

CVE-2021-27457

CVE-2021-27457 affects Emerson Rosemount X-STREAM Gas Analyzer (X-STREAM enhanced XEGP, XEGK, XEFD, XEXF—all revisions). The root cause is inadequate encryption strength used to store sensitive data, which could allow an attacker to obtain credentials. ICSA/CISA report CVSSv3.1 base score 7.5 (hi...

7.5CVSS7.4AI score0.00452EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/05/20 11:5 a.m.42 views

CVE-2021-27467

The CVE-2021-27467 issue affects Emerson Rosemount X-STREAM Gas Analyzer and its web UI, where the web interface’s handling of UI rendering enables an attacker to route a user to a page controlled by the attacker, potentially exposing sensitive information. The root cause is improper restriction ...

6.1CVSS6.4AI score0.00699EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/05/20 11:5 a.m.49 views

CVE-2021-27463

CVE-2021-27463 affects Emerson Rosemount X-STREAM Gas Analyzer. The vulnerability arises from persistent cookies where the session cookie attribute is not properly invalidated, enabling an attacker to intercept cookies and access sensitive information. Affected products include multiple X-STREAM ...

5.3CVSS5.4AI score0.009EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/12/21 5:4 p.m.55 views

CVE-2020-27254

The CVE-2020-27254 entry concerns Emerson Rosemount X-STREAM Gas Analyzer software (X-STREAM enhanced XEGP, XEGK, XEFD, XEXF – all revisions). Affected products are vulnerable to improper authentication (CWE-287), allowing an attacker who can craft a URL to access log/backup data and obtain sensi...

7.5CVSS7.5AI score0.01271EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2020/12/17 12:0 a.m.27 views

Emerson Rosemount X-STREAM

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Emerson Equipment: Rosemount X-STREAM Gas Analyzer Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker through a...

7.5CVSS7.9AI score0.01271EPSS
Exploits0References5
Rows per page
Query Builder