In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete enabled. The stored credentials can be captured by an attacker who gains control over the user's computer. Therefore the user must have logged in at least once.
References
Link | Resource |
---|---|
https://cert.vde.com/en-us/advisories/vde-2021-027 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: CERTVDE
Published: 2021-08-16T00:00:00
Updated: 2021-08-31T10:32:55
Reserved: 2021-06-10T00:00:00
Link: CVE-2021-34560
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-08-31T11:15:07.407
Modified: 2022-09-29T15:24:49.683
Link: CVE-2021-34560
JSON object: View
Redhat Information
No data.
CWE